Posted in: Information security, Latest News & Views
To protect your company’s data, it’s important to raise awareness among the people most likely to be targeted in an attack.
Hackers take any opportunity they can get to steal valuable data from businesses. And they’re finding a lot of those opportunities, according to Verizon’s 2013 Data Breach Investigations Report which analyzed 621 data breaches investigated in 2012.
One of the running themes in the report: No organizations are immune from sophisticated, targeted hacker attacks. Organizations of all sizes are being targeted in security attacks.
And in those attacks, cyber criminals most often get to the company’s network and data through the organization’s employees. Most (71%) of the breaches studied involved attacks on end user devices, compared to 54% that compromised servers (many attacks target both categories).
In addition, 76% of the attacks exploited weak or stolen log-in information. Often, those credentials are stolen from users with malware, phishing and other scams.
And the most common targets in those incidents: executives and managers.
In the majority (69%) of social engineering attacks studied by Verizon, the target was unknown. But the next two categories on the list were executives and managers, who were targeted in 16% and 11% of social engineering attacks, respectively.
That makes sense: The higher up in the company, the more access a person has to the information cyber criminals want. Those leaders also have a higher public profile, allowing hackers to do more research about them and find their contact information.
Train execs, too
What that means for organizations: While many companies train their staff-level employees to avoid phishing attacks and other suspicious emails, studies like this show that it may be even more important to train higher-level members of the organization.
It could be more difficult to get executives to listen to basic IT security training, but they must understand the impact of those security incidents on the company’s bottom line.
FinanceTechNews.com delivers the latest Finance news once a week to the inboxes of over 150,000 Finance professionals.