Today: March 22, 2018, 7:17 am
Computer & Technology

Exploiting Data Breaches by Michael Marriott, Digital Shadows security expert

Comment Article by Michael Marriott, Digital Shadows security expert
Michael Marriott, Digital Shadows security expert
Michael Marriott, Digital Shadows security expert 2017-06-08 07:16:34
High profile data breaches are regularly in the news and, seemingly, businesses and are losing the battle to protect their intellectual property (IP), corporate, and customer data from the threats posed by professional cybercriminals.

It is no surprise that financial gain is the single biggest motivator for cyberattacks. The 2016 Verizon Data Breach Investigations Report highlighted that financial gain and espionage accounted for more than 89% of all data breaches they studies. Financial gain was by far the biggest single reason for attacks, beating espionage and all other objectives into a distant second place.

This is big business for cybercriminals.

To deal with the threats posed by these breaches, organizations, have to get on the front foot when protecting their intellectual property. Firstly, by identifying the location and protections around critical IP, secondly keeping a watchful eye on the types of attackers and the methods they might use to obtain it.

But despite the excitement, which is often rightly directed at new viruses or malware or attack techniques, it is exploit kits that remain one of cybercriminals’ most reliable and trusted delivery mechanisms to embed malware and conduct malicious activity. And, even as an exploit kit gets shut down, others pick up the slack and continue to deliver their payloads.

Our report, “In the Business of Exploitation”, found that the vulnerabilities exploited by the top 22 exploit kits showed that Adobe Flash Player was likely to be the most targeted software, with 27 of the 76 identified vulnerabilities exploited taking advantage of this software.

Understanding the most commonly exploited software, and the most frequently targeted vulnerabilities, can aid in mitigating the threat posed by exploit kits and prioritizing their patching.

To protect their IP it is critical that a company evaluates their security using the perspective of an attacker, which helps prioritize the work to address potential vulnerabilities. This could involve looking at where their organization is exposed on social media sites, points of compromise, and looking for evidence of previous attacks across the visible, dark, and deep web. The military use the term situational awareness, and we believe that it is useful for companies to use this approach when considering their cybersecurity controls.

Companies can therefore remain quick to respond to incidents and limit the consequences of any potential breach. That way they can remove information from public view by issuing takedown requests as soon as an organization finds its information being shared advertised or sold on the web. Similarly, by knowing what information is compromised, passwords can be changed, customers notified and points of weakness fixed.

By being proactive, organizations can tailor their defenses and make better, more informed business decisions. In a world of complexity and uncertainty, this kind of illuminating context is key to preventing vital IP falling in to the wrong hands.

Press Information
Digital Shadows
Conrad Offices, 19th Floor

Sheikh Zayed Rod, Dubai

Sharon Divan

# 471 Words
Related Articles
More From The Author
ISYX Technologies joins IFS Partner Network
Dubai, UAE, June 7, 2017: IFS, the global enterprise applications company, has signed an agreement with Dubai-based ISYX Technologies, [..]
Mimecast and PhishMe Collaborate to Improve Cyber [..]
Dubai, UAE, June 06, 2017 – Mimecast Limited (NASDAQ: MIME), a leading email and data security company, has collaborated with [..]
WannaCry might be the tip of the [..]
The attack on 200,000 plus computers across more than 120 countries around the world by the WannaCry ransomware certainly got [..]
Sophos Honours Top Performing Channel Partners at [..]
Sophos (LSE: SOPH), a global leader in network and endpoint security presented awards to six of its top performing channel [..]
More From Computer & Technology
ETRI's Cup Holder Charges Phones Wirelessly
- Using magnetic resonance technology to generate and transfer energy from the cup to electronic devices Daejeon, KOREA, Mar [..]
HoudahGeo 5.2: Photo geocoding solution adds Lightroom [..]
Luxembourg City, Luxembourg - March 7, 2018 - Houdah Software announces HoudahGeo 5.2, a major upgrade to the photo geotagging [..]
DJkit Now Shipping the New Pioneer DDJ-SB3 [..]
The UK’s most prominent retailer of professional DJ hardware is delighted to announce another major hardware launch from Pioneer. [..]
Gugila Launches MonitorWiz – Accurate and Anonymous [..]
Slovenia (22 February 2018) – Gugila announces a launch of MonitorWiz, a web application for accurate and anonymous web page [..]
Soulfit Sonic : One stop shop for [..]
• Accuracy of a fitness band, ease of a mobile phone • Touch sensitive notifications on the go • Detachable [..]

Disclaimer: If you have any questions regarding information in this press release please contact the company added in the press release. Please do not contact pr-inside. We will not be able to assist you. PR-inside disclaims the content included in this release.