Many of you are probably aware that RSA is currently taking place. Having FOMO like me? Twitter is a lifesaver if you are. Still, it’s hard to stay updated on all the juicy things being discussed there. Some of the major topics I’ve come across are artificial intelligence (of course) and threat intelligence.
A conference known for being ‘where the world talks security,’ it also brings with it the release of many reports detailing the current state of security and the internet as a whole. Three of the reports highlighted during this event are Verizon’s Data Breach Report 2017 (major), Akamai’s State of the Internet and PwnieExpress’ “Internet of Evil Things.”
Let’s face it, that’s a lot of information to comb through, and while all of it is valuable, some may be more relevant for you or your organization than others. But I’m certain that whether you’re a student or a practitioner, being able to talk about the ‘current state of things,’ or at least be familiar with it, is incredibly important.
I’ve decided to put together this post as a Briefing on the State of Security, which will highlight key takeaways from each report and help you explore the findings further if needed.
Verizon’s Data Breach Report 2017
Overview:
According to PRNewswire, “Data breaches are becoming more complex and are no longer confined to just the IT department, but are now affecting every department within an organization. Each breach leaves a lingering, if not lasting imprint on an enterprise.”
What does the report include?
16 common breach scenarios, which offer an exclusive look at cyber investigations. Each scenario is told from the perspective of different stakeholders for a broad scope of enterprise insight. The report groups the 16 scenarios into four different types of breaches and gives each a personality.
What is the report’s purpose?
"The Data Breach Digest is designed to help businesses and government organizations understand how to identify signs of a data breach, important sources of evidence and ways to quickly investigate, contain and recover from a breach," says Brian Sartin, executive director, the RISK Team, Verizon Enterprise Solutions.
Key Takeaways:
- Humans continue to play a significant role in cyber security incidents
- Data breaches are growing in complexity
- There is a finite set of scenarios that occur with data breaches
- The 3 other common types of breaches are divided into categories of conduit devices, configuration exploitation, and malicious software
Akamai's State of the Internet / Security Report Q4 2016
Overview:
According to PRNewswire, “Akamai Technologies, Inc. (AKAM), the global leader in content delivery network (CDN) services, released its Fourth Quarter, 2016 State of the Internet / Security Report. The report, using data gathered from the Akamai Intelligent Platform, provides analysis of the current cloud security and threat landscape, as well as insight into seasonal trends.”
What do the experts say?
"As we saw with the Mirai botnet attacks during the third quarter, unsecured Internet of Things (IoT) devices continued to drive significant DDoS attack traffic," said Martin McKeay, senior security advocate and senior editor, State of the Internet/Security Report.
"If anything, our analysis of Q4 2016 proves the old axiom 'expect the unexpected' to be true for the world of web security," continued McKeay. "For example, perhaps the attackers in control of Spike felt challenged by Mirai and wanted to be more competitive. If that's the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks."
Key Takeaways:
- DDoS Attacks
  - Attacks greater than 100 Gbps increased 140 percent year-over-year from Q4 2015
  - The largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike, a non-IoT botnet that has been around for more than two years
- Web Application Attacks
  - The United States remained the top source country for web application attacks, showing a 72 percent increase from Q3 2016
- Top Attack Vectors
  - Of the 25 DDoS attack vectors tracked in Q4 2016, the top three were UDP fragment (27 percent), DNS (21 percent), and NTP (15 percent), while overall DDoS attacks decreased by 16 percent
PwnieExpress 2017 Internet of EVIL Things Report
Overview:
“The Internet of Evil Things (IoET) Report 2017" provides you with data points and actionable intel based on community surveys and data from millions of devices monitored by Pwnie's IoT security platform… So what exactly is The Internet of Evil Things®? First, we [PwnieExpress] need to define evil, by which we [Pwnie] mean malicious or harmful… purposefully or not. For the purposes of this report, we [Pwnie] are defining a “connected device” as any device that can connect to a network or other devices via a wired or wireless signal. This frequently means Internet-connected devices, but Bluetooth and less traditional protocols are equally applicable.”
What does the report include?
The report’s findings were gathered from a survey of more than 800 IT security professionals and on-the-ground data from Pwnie Express sensors monitoring real life wired, wireless, IoT, and BYOD device data collected from a wide range of businesses across industries including financial services, hospitality, retail, manufacturing, professional services, technology, healthcare, energy, etc.
What is the report’s purpose?
It looks at new insight from IT security professionals on many of the connected device concerns that PwnieExpress tracked in the 2016 IoET, including an extensive look at BYOD.
Key Takeaways:
- 66% don’t know or aren’t sure how many connected devices their colleagues bring into work
- 84% said Mirai changed their perceptions about IoT device threats
- Only 22% have checked connected devices for malicious infections in the last year
My 2 Cents
It’s clear from these reports that there are two factors we cannot ignore when it comes to security: humans and the unsecured IoT. Both are difficult hurdles to overcome for InfoSec professionals, but increasingly harmful as the business and technology landscape becomes more intertwined. More intertwined? Yes.
The report findings are also a friendly reminder that security risks are not confined to one department or industry. This, again, points to the need for ALL individuals to be educated on cyber security best practices.
Clearly, the security practices that held true in years past need to change as quickly and as urgently as the technologies themselves change. Even if your organization is not moving to the IoT or a BYOD device policy, it is important to familiarize IT personnel with the latest. Take a proactive approach rather than a reactive one.
Recognizing the treacherous threat landscape and a need for enterprise training, Cybrary recently released their Teams platform.
Cybrary Teams is a Training Management and Skill Assessment platform that offers premium cyber security training and career development. Built with open source in mind, Cybrary Teams scales with your team and the community.
“The ever-growing threat to our data – coupled with the ever-evolving nature of cyber intrusions – has escalated the demand for trained and talented cyber warriors,” said Col. Ken McCreedy, USA (Ret.), director of cyber development with the Maryland Department of Commerce. “Cybrary’s online training program helps those interested in cybersecurity gain the knowledge and skills they need to help secure the digital highway. For those already engaged in cyber security, Cybrary’s program ensures that they remain well-equipped as new threats emerge.”
You can read the full Teams news release here, or request a demo here.
Olivia Lynch (Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.