Annual Security Reports, Part 2

7 Safe UK Breach Investigations Report

As reported by The H Security, this report confirms the Verizon 2009 Data Breach Report, that the majority of attacks come from external sources (80%). Of all the successful breaches that were detected and analyzed (since even security experts can’t be 100% sure what kind of data was stolen) 85% were Payment Card Information.

Check out the full report here.

---

Verizon 2009 Data Breach Investigations Supplemental Report

This supplemental report was released in the 2nd week of December 2009 and describes the Top 15 threats along with real world examples. Indicators and Countermeasures (or Mitigators) were also included.

The Top 15 Threats from the report were:
1. Keyloggers and Spyware
2. Backdoor or Command/Control
3. SQL injection
4. Abuse of system access/privileges
5. Unauthorized access via default credentials
6. Violation of Acceptable Use and other policies
7. Unauthorized access via weak or misconfigured ACLs
8. Packet Sniffer
9. Unauthorized access via stolen credentials
10. Pretexting (Social Engineering)
11. Authentication bypass
12. Physical theft of asset
13. Brute-force attack
14. RAM scraper
15. Phishing (and endless *ishing variations)

I really like the Indicators and Mitigators sections of the Threat Action Catalogue, since they can be easily integrated into a technical Security Awareness Program.

Check out the report here.

If you’d like to access the the Verizon 2009 Data Breach Investigations Report, released back in April 2009, click here. The summary of which can be found here.

Advertisement

Annual Security Reports, Part 1

Annual Report Pandalabs 2009
Topics include:
– 2009 in figures
– The year at a glance (Web 2.0, Blackhat SEO Techniques, Cyberwar)
– Threats in 2009 (The profitability of rogueware, Banker Trojans, Conficker)
– Spam
– Main vulnerabilities in 2009
– Trends in 2010

Download the full report here

---

Ernst & Young’s 12th annual global information security survey

Key survey findings include (taken Verbatim from the report):

Managing risks
– Improving information security risk management is top security priority for the next year.
– External and internal attacks are increasing.
– Reprisals from recently separated employees have become a major concern.

Addressing challenges
– Availability of skilled information security resources is the greatest challenge to effectively delivering information security initiatives.
– Despite most organizations maintaining current spending on information security, adequate budget is still a significant challenge to delivering security initiatives.
– Security training and awareness programs are falling short of expectations.

Complying with regulations
– Regulatory compliance continues to be an important driver for information security.
– Cost compliance remains high, with few companies planning to spend less in the next 12 months.
– Too few organizations have taken the necessary steps to protect personal information.

Leveraging technology
– Implementing DLP technologies is the top security priority for many organizations.
– The lack of endpoint encryption remains a key risk with few companies encrypting laptops or desktop computers.
– Virtualization and cloud computing are gaining greater adoption, but few companies are considering the information security implications.

Download the full report here

Prioritizing Information Security Risks with Threat Agent Risk Assessment

Hello, I’m Xander and I’m a new contributor to the InfoSec Philippines blog. I was lurking on the Security Metrics Mailing list and the recent discussions were about Intel’s TARA methodology, which they’re using for their internal Information Security Risk Assessments. Intel’s methodology is centered on the most exposure that can be brought about by Threat Agents. Check out the whitepaper here.