Verizon’s 2016 Data Breach Report reiterates the need for basic data security practices

24/05/2016

IT Governance, the global provider of cyber security and IT governance, risk management and compliance expertise, is encouraging organisations to focus on basic data security practices to avoid a data breach.
 
The response comes after Verizon’s 2016 Data Breach Investigations Report revealed that cyber criminals still rely on familiar attack patterns and exploiting human nature to attack organisations of any size. The most common attack methods are phishing, and malware distribution.
 
According to the report, cyber criminals are getting better and quicker at creating security incidents, while organisations struggle to find out about the breach until weeks or even months later.
 
Despite going against the beliefs commonly held by infosec professionals, the report shows that the actors in data breaches are predominantly external agents, as opposed to company employees. A substantial threat is cyber espionage, in which actors infiltrate the victim’s network seeking sensitive internal data and trade secrets for competitive purposes. Employees who steal the company’s customer database for their own privilege are also represented in this pattern.
 
Phishing, as a leading cause of cyber espionage, has been, and remains, popular due to its effective time response to compromise, and the ability to target specific individuals or organisations.
 
Alan Calder, founder and chief executive officer at IT Governance, says: “It is clear that organisations need to focus on adequate staff awareness training and basic cyber security practices to avoid a data breach. The Internet community as a whole is a target for cyber criminals looking for protected and sensitive data.”
 
A starting point for organisations that want to implement basic cyber security measures is the Cyber Essentials scheme. The government-backed cyber security certification sets forth an effective standard for cyber security. The scheme provides a set of controls and implementation guidance for basic cyber hygiene against which organisations can achieve certification.
 
Organisations that want to take action against the increasing threat of targeted phishing attacks by educating their employees to be alert, vigilant and secure can opt for IT Governance’s Phishing Staff Awareness Course.
 
For more information about IT Governance’s Cyber Essentials packaged solutions or Phishing Staff Awareness Course, please visit the website, contact our consultancy team directly at servicecentre@itgovernance.co.uk or call us on +44 (0) 845 070 1750.
This website uses cookies. View our cookie policy