Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 4 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Price of breached record rises as attackers life is made easier by old flaws

by The Gurus
April 14, 2015
in Editor's News
Share on FacebookShare on Twitter

Attackers are becoming more sophisticated in their capabilities, but are aided by a failure to deploy patches for flaws which are left open for years.
According to the 2015 Verizon Data Breach Investigation Report, which this year contains information from 70 contributing organisations, 79,790 security incidents and 2,122 confirmed breaches across 61 countries, found that 23 per cent of recipients open phishing messages and 11 per cent of recipients click on attachments, The report also found that it takes just 82 seconds from the start of a campaign to its first bite of a victim.
According to this year’s report, 70 per cent of attacks use a combination of older techniques such as phishing, hacking or malware and involve a secondary victim, but many existing vulnerabilities remain open, even though security patches have long been available but never implemented.  In fact, many of the vulnerabilities are traced to 2007.
Robert Parker, head of security strategy and solutions, Asia Pacific at Verizon, told IT Security Guru in an email that cyber criminals and attacks are definitely becoming more sophisticated and well-funded, however, this is exacerbated by a target rich environment. “This is illustrated in the DBIR whereby ten commonly known CVE’s account for 97 per cent of the exploits seen in 2014,” he said.
Asked if there are vulnerabilities (with patches available) still being exploited, does this suggest that there is a need for better patch management rather than blaming people?
He said: “71 per cent of known vulnerabilities had a patch available for more than a year prior to being breached. The real decision is whether a given vulnerability should be patched more quickly than your normal cycle or if it can just be pushed with the rest.
“The data set from the 2015 DBIR suggests a robust patching policy is an essential component of any risk mitigation framework, however, the need for education of users is also critical. Patching alone will not protect from user involved data breaches, such as phishing.”
As in prior reports, the time which elapses between a breach occurring until it’s discovered is still wide, as in 60 per cent of breaches, attackers are able to compromise an organisation within minutes.
Mike Denning, vice president of global security for Verizon Enterprise Solutions, said: “While there is no guarantee against being breached, organisations can greatly manage their risk by becoming more vigilant in covering their bases.”
The report also prices the cost-per-record in a breach, which in a breach involving 1,000 records will be between $3,000 and $1.5 million. Verizon found that in 95 per cent of cases, the average cost of a breach is between $52,000 and $87,000. In comparison, breaches with 10 million records are predicted to cost between $392,000 and $73.9 million with the average cost (in 95 per cent of cases) of a breach ranging from $2.1million to $5.2 million.
“We believe this new model for calculating the cost of a breach is groundbreaking, although there is definitely still room for refinement,” said Denning. “Too often, organisations think it is less expensive to suffer a breach than put the proper defense in place. But we now know that just isn’t true.”
 
Download the full report here

FacebookTweetLinkedIn
Tags: data breachInvestigationPatchVulnerability
ShareTweetShare
Previous Post

Prospective students wrapped up in university data breach

Next Post

Corero and Verisign announce DDoS bashing collaboration

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information