Who is Threatening Your IT Security

Every organization is a target.  No industry is safe, or immune to cyber-crime, and although technology in IT security has come a long way, the number of data breaches is growing.

These cyber criminals come in all shapes and sizes, and their tactics vary.  Knowing your potential attacker is essential to being prepared to defend your company from hackers and to protect your valuable and sensitive data stored on your servers.

Here are the 3 types of IT hackers that different organizations have to be aware of, according to The Verizon 2013 Data Breach Investigations Report (DBIR) :

Who is Threatening Your IT Security image hacker1 300x264Who is Threatening Your IT Security Who is Threatening Your IT Security image hacker2 300x264Who is Threatening Your IT Security Who is Threatening Your IT Security image hacker3 300x264Who is Threatening Your IT Security

Type 1: Activists (aka, Hacktivists)

TARGET: Information, Public Sector, and other Service Industries

DATA GOAL: To access personal information, credentials and internal data of the organization.

Type 2: Spies

TARGET:  Manufacturing, Professional Services, and Transportation Industries

DATA GOAL: To access credentials, internal data of the organization, and intellectual property.

Type 3:  Professional Criminals

TARGET: Finance, Retail, and Food Industries

DATA GOAL: They want stored credit card information, credentials, and bank account details of customers.

 Ultimately, according to the DBIR, the #1 reason for hacks is financial gain at 75%.  Combined with the fact that 84% of compromises are accomplished within minutes to hours, it won’t take long before the perpetrators can “reap the benefits.”

Depending on what industry your organization is in, your IT security professionals must act accordingly.  They must be sure to protect where the relevant assets sits (i.e., POS controller, Database, File Server, Directory Server, Mail Server, etc.) immediately and completely.

Furthermore, most targets are breached by hacks, malware, or both.  Although having anti-virus and anti-malware could be good armor against this, and log analysis and security information and event management (SIEM) software products can help keep track of applications tampered with, they are not as good of a protection as they may seem.  Viruses and malware are constantly evolving, making it difficult for anti-ware to stay relevant fast enough to detect, alert, and/or destroy in time.  In addition, log-analysis and SIEMs have serious blind-spots, since not all applications have internal logging mechanisms.  If an app is not being logged, your log-recording system is as good as nothing.  These issues should not and cannot be ignored.

Educate yourselves immediately, so that you may reinforce your IT security with the best tools possible, and prevent intruders from taking advantage of your weaknesses.

More Tech articles from Business 2 Community:

See all articles from Business 2 Community

Friend's Activity