In this post, we get insights from Christopher Novak, Director, Investigative Response, Verizon RISK Team. He will present “Understanding the Current Data Breach Landscape” at the European Community Meeting in Edinburgh.
What are the new threats that organizations should be aware of?
Christopher Novak: To be honest, I wouldn’t necessarily say that a lot of what we’re seeing is new. Rather, I’d say we’re seeing a lot of new twists and variations on past successes. For example, phishing is old news, but the degree of sophistication that goes into today’s phishing attacks puts it at a whole new level. If I had to comment on a relatively new technical trend, it would likely be the uptick in malware that is entirely memory resident. In other words, it leaves no footprint on the disk and so isn’t seen by anti-virus, file integrity monitoring, etc… This typically happens through a process injection.
What do you see as the biggest threats to small businesses and how can they protect themselves against cybercrime?
Christopher Novak: Small businesses face many of the same opportunistic threats that hit larger businesses. However, they are also fortunate in that some of their solutions to combat these threats can be smaller, simpler and less expensive. For example, a large organization with a need to segment their network could face a multi-million dollar price tag and the need for significant resource time. A small business may be able to accomplish this simply by buying a small business firewall to put in between their PCI / POS environment and the rest of their back office PCs. Combine that with a restriction regarding web browsing and email from PCI / POS types of systems and you have a strong one-two punch. Add multi-factor authentication to your remote access and you’ll be upping your game to a whole new level. Of course, all of these are already required by PCI DSS, but they’re often the aspects of PCI DSS that we see small businesses lacking.
Which industry is most vulnerable to cybercrime and why?
Christopher Novak: Having data on over 100,000+ incidents has shown us not only that nobody is immune from cybercrime, but also that no one industry is most vulnerable. The reality is that we see this activity happening to organizations across all industries, geographies, and victims of all sizes. Cyber criminals are much like traditional criminals in that they look to take the path of least resistance. The nuances of the attacks will always be changing over time and so industries may appear to be more “targeted” one month and just as quickly fall out of favor among the threat actor community as they discover a new exploit or fabricate new malware that targets a new industry. All industries must remain vigilant.
What is the one key takeaway you hope attendees will come away with after your discussion?
Christopher Novak: If you take your security seriously – I mean really be passionate about it and get others to be passionate about it – then it will have a measurable positive impact on your organization in many ways. Your security approach should be evidenced-based, demonstrable, and weaved into the fabric of your business in order to be truly successful.
What are you most looking forward to at this year’s community meeting?
Christopher Novak: It’s the community aspect of the meetings that I look forward to most. The sessions all lead to great thought provoking follow on discussions in the exhibitor area and during the breaks. And there is a fantastic convection of great ideas being exchanged – you can see the excitement in the conversations that people are having with one another. It’s a great sign of the positive impact that we’re all having on security awareness.
Learn more about the European Community Meeting here:
