Top Ten Hacks

According to a recent Black Hat Survey by Balabit, the ten most popular hacking methods in the USA are:

1. Social Engineering (e.g., phishing) – 81%

2. Compromised Accounts (e.g. weak passwords) – 62%

3. Web-Based Attacks (e.g., SQL/command injection) – 51%

4. Client Side Attacks (e.g., against doc readers, web browsers) – 33%

5. Exploit Against Popular Server Updates (e.g., OpenSSL, Heartbleed) – 23%

6. Unmanaged Personal Devices (e.g., lack of BYOD policy) – 21%

7. Physical Intrusion – 15%

8. Shadow IT (e.g., users’ personal cloud-based services for business purposes) – 11%

9. Managing Third Party Service Providers (e.g., outsourced infrastructure) – 9%

10. Taking Advantage of Getting Data Put to the Cloud (e.g., IAAS, PAAS) – 6%

We can teach our 1.5 day “ISO 27001:2013 Requirements” course onsite at your facility. ISO 27001 is the international standard for an Information Security Management System. You can view the course description at this web page.

Top Ten Hacks

Consultants

Bill Beck

Cheryl Pikus

Davina Henderson

Dawn Henderlight

Don Dickerson, PE

Dr. Elbert Sorrell

Duke Okes

Gary Scalise

Guillermo Leon

James A. Shell

John Thompson

Jon Shaver

Larry Whittington

Marcia Burrey

Mark Vordtriede

Mike Harrison

Mitchell Rowland

Paul Jinks

Rich Barish

Rick Randall

Roberta Goyt

Sally Smoczynski, CISSP

Scott Morrison