Ready to Start Your Career?

By: Olivia
February 16, 2017
A Report on Reports: Briefing on the State of Security

By: Olivia
February 16, 2017

Verizon’s Data Breach Report 2017
Overview: According to PRNewswire, “Data breaches are becoming more complex and are no longer confined to just the IT department, but are now affecting every department within an organization. Each breach leaves a lingering, if not lasting imprint on an enterprise.”What does the report include? 16 common breach scenarios, which offer an exclusive look at cyber investigations. Each scenario is told from the perspective of different stakeholders for a broad scope of enterprise insight. The report groups the 16 scenarios into four different types of breaches and gives each a personality.What is the report’s purpose?"The Data Breach Digest is designed to help businesses and government organizations understand how to identify signs of a data breach, important sources of evidence and ways to quickly investigate, contain and recover from a breach," says Brian Sartin, executive director, the RISK Team, Verizon Enterprise Solutions.Key Takeaways:- Humans continue to play a significant role in cyber security incidents
- Data breaches are growing in complexity
- There is a finite set of scenarios that occur with data breaches
- The 3 other common types of breaches are divided into categories of conduit devices, configuration exploitation, and malicious software
Akamai's State of the Internet/ Security Report Q4 2016
Overview:According to PRNewswire, “Akamai Technologies, Inc. (AKAM), the global leader in content delivery network (CDN) services, released its Fourth Quarter, 2016 State of the Internet / Security Report. The report, using data gathered from the Akamai Intelligent Platform, provides analysis of the current cloud security and threat landscape, as well as insight into seasonal trends.”What do the experts say?"As we saw with the Mirai botnet attacks during the third quarter, unsecured Internet of Things (IoT) devices continued to drive significant DDoS attack traffic," said Martin McKeay, senior security advocate and senior editor, State of the Internet/Security Report. "If anything, our analysis of Q4 2016 proves the old axiom 'expect the unexpected' to be true for the world of web security," continued McKeay. "For example, perhaps the attackers in control of Spike felt challenged by Mirai and wanted to be more competitive. If that's the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks."Key Takeaways:- DDoS Attacks
- Attacks greater than 100 Gbps increased 140 percent year-over-year from Q4 2015
- The largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike, a non-IoT botnet that has been around for more than two years
- Web Application Attacks
- The United States remained the top source country for web application attacks, showing a 72 percent increase from Q3 2016
- Top Attack Vectors
- Of the 25 DDoS attack vectors tracked in Q4 2016, the top three were UDP fragment (27 percent), DNS (21 percent), and NTP (15 percent), while overall DDoS attacks decreased by 16 percent
PwnieExpress 2017 Internet of EVIL Things Report
Overview: “The Internet of Evil Things (IoET) Report 2017" provides you with data points and actionable intel based on community surveys and data from millions of devices monitored by Pwnie's IoT security platform… So what exactly is The Internet of Evil Things®? First, we [PwnieExpress] need to define evil, by which we [Pwnie] mean malicious or harmful… purposefully or not. For the purposes of this report, we [Pwnie] are defining a “connected device” as any device that can connect to a network or other devices via a wired or wireless signal. This frequently means Internet-connected devices, but Bluetooth and less traditional protocols are equally applicable.”What does the report include?The report’s findings were gathered from a survey of more than 800 IT security professionals and on-the-ground data from Pwnie Express sensors monitoring real life wired, wireless, IoT, and BYOD device data collected from a wide range of businesses across industries including financial services, hospitality, retail, manufacturing, professional services, technology, healthcare, energy, etc.What is the report’s purpose?It looks at new insight from IT security professionals on many of the connected device concerns that PwnieExpress tracked in the 2016 IoET, including an extensive look at BYOD.Key Takeaways:- 66% don’t know or aren’t sure how many connected devices their colleagues bring into work
- 84% said Mirai changed their perceptions about IoT device threats
- Only 22% have checked connected devices for malicious infections in the last year
My 2 Cents

