SUBSCRIBE NOW
IN THIS ISSUE
PIPELINE RESOURCES

The Cybersecurity Playbook

ORDER REPRINTS DOWNLOAD COMMENT DISCUSS SHARE


You’ll notice that there’s been no mention of mobile malware. That’s because it isn’t a big issue… yet.

These are sophisticated attacks and difficult to guard against, but the takeaway for most of us is that these aren’t attacks that are leveled at the average individual or firm. However, one good takeaway is that reliable Big Data solutions can help you better understand what, if anything, has been snagged by one of these attacks.

8. POS Intrusions

This one’s for those retailers who were just told to not worry about espionage. Point-of-sale intrusions account for only 0.7% of incidents, but a whopping 28.5% of confirmed data breaches. While these were long thought of as petty crimes involving low dollar amounts, they are increasingly a genuine threat.

Passwords are often gathered from low-level employees using simple social engineering (a phone call from a phony supervisor, for instance), and it’s hard to combat that sort of thing. However, everything that was true for the errors and insider misuse sections can apply here, too. Removing default passwords, implementing two-factor logins, and controlling credentials are all helpful tools for combatting POS intrusions. Also, since the actual intrusions are often preceded by crimeware that paves the way, taking a look at software can be helpful.

9. Payment card skimmers

This one is arguably the rarest of the bunch, accounting for 0.1% of incidents and 3.1% of confirmed breaches. Criminals have gotten better at mounting phony readers on gas pumps and on ATMs, including thin, translucent devices that mount inside of existing readers. It’s the future! Chip and PIN technology, which is finally taking off in the U.S., was supposed to make these issues less of a problem; but poor implementations still create big, wide openings for ne’er-do-wells. Merchants are the front line on this one, and need to up their fraud management game and make sure that chip and PIN systems are well-implemented.

10. Mobile malware waiting in the wings

You’ll notice that there’s been no mention of mobile malware. That’s because it isn’t a big issue… yet. In one of the DBIR’s catchier subheads, you’ll see that providers have “got 99 problems and mobile malware isn’t even 1% of them.” (I think that line was a little smoother when Young Hov laid it down, but I could be wrong.) Out of all the millions of mobile devices, an estimated 0.03% were infected by legitimately malicious malware, according to the DBIR. Now, that rate is bound to change; but until it does, we’ll let other journalists jump on the mobile malware train.

And yes, this list doesn’t cover every single possible threat, but it does hit the big ones. The disturbing trend is how many providers and other firms haven’t done enough to combat the above. So while they wait on some exotic threat to cripple us, they may just have a sticky-fingered employee or a well-meaning CSR crippling their otherwise well-oiled machine.

How prepared are you?



FEATURED SPONSOR:

Latest Updates





Subscribe to our YouTube Channel