Data Breaches

Despite rising concerns that cyber-attacks are growing more and more sophisticated, hackers used relatively simple methods for 97% of data breaches last year, according to a report compiled by Verizon.

A Computerworld article states the findings suggest that organizations are overlooking basic precautions even as they buy new security systems. Verizon also found that in 80% of attacks, hackers hit so-called victims of opportunity — poorly defended sites that happen to catch their eye — rather than targeting specific companies.

Based on investigations into over 850 data breaches, the Verizon report was compiled with help from the U.S. Secret Service and with input from law enforcement agencies in the U.K., the Netherlands, Ireland, and Australia.

For the first time, attacks by so-called “hacktivist” groups breached more records, over 100 million, than did hackers looking specifically to steal financial or personal data.

Often, the breached companies lacked firewalls, had ports open to the Internet or used default, or easy-to-guess passwords. All told, said a Verizon security analyst, it is about going back to basic security principles.

To enroll in one of our courses on ISO 27001, the standard on Information Technology – Security Techniques – Information Security Management Systems, click on a course title:

ISO 27001 Requirements (2 days)
ISO 27001 Internal Auditor (3 days)
ISO 27001 Lead Auditor (4 days)