According to a recent Black Hat Survey by Balabit, the ten most popular hacking methods in the USA are:
1. Social Engineering (e.g., phishing) – 81%
2. Compromised Accounts (e.g., weak passwords) – 62%
3. Web-Based Attacks (e.g., SQL/command injection) – 51%
4. Client-Side Attacks (e.g., against doc readers, web browsers) – 33%
5. Exploit Against Popular Server Updates (e.g., OpenSSL, Heartbleed) – 23%
6. Unmanaged Personal Devices (e.g., lack of BYOD policy) – 21%
7. Physical Intrusion – 15%
8. Shadow IT (e.g., users’ personal cloud-based services for business purposes) – 11%
9. Managing Third Party Service Providers (e.g., outsourced infrastructure) – 9%
10. Taking Advantage of Getting Data Put to the Cloud (e.g., IaaS, PaaS) – 6%
We can teach our 1.5-day “ISO 27001:2013 Requirements” course onsite at your facility. ISO 27001 is the international standard for an Information Security Management System. You can view the course description at this web page.