[email protected] +44 20 8123 2220 (UK) +1 732 587 5005 (US) Contact Us | FAQ |

Trends in security attacks and incidents

March 2010 | 17 pages | ID: T5782BD27A0EN
Ovum

US$ 1,495.00

E-mail Delivery (PDF)

Download PDF Leaflet

Accepted cards
Wire Transfer
Checkout Later
Need Help? Ask a Question
IT systems have been under attack since they became connected to the Internet. Indeed, they suffered from insider misuse before then. Many organizations produce regular reports on the threat landscape. We have studied several leading reports and filtered out the key messages that pervade multiple studies. The results will help organizations to prioritize their security activities and determine their optimum budget for IT security.
SUMMARY

Impact
Ovum view
Key messages

THE OVERALL THREAT LEVEL IS STILL GROWING RAPIDLY

Attacks increased by 50% in 2009
Attack types are evolving
Scareware
Targeted attacks
More credential-stealing malware
Social networking attacks
Denial-of-service attacks
Phishing, vishing, and smishing

THE EXTERNAL THREAT IS GREATER THAN THE INTERNAL THREAT

The “internal threat” is often accidental
Verizon Business
Deloitte
Computer Security Institute
The internal threat cannot be ignored

MALWARE INFESTATION AND SQL INJECTION ATTACKS ARE STILL THE BIGGEST THREATS

Don’t neglect the basics
SQL injection remains the number-one threat

DATA BREACHES ARE EXPENSIVE

The cost of a data breach can destabilize organizations of any size
Organizations have capped their incident cost
Ponemon Institute
Computer Security Institute
Deloitte
The methodology exists to quantify the cost of a breach

AWARENESS IS IMPROVING BUT COMPLIANCE LAGS AND RESOURCES ARE STRETCHED

UK consumer awareness is improving
Actions sometimes fall short of words
The failure of companies to comply with PCI DSS is a scandal

AVAILABILITY OF DELIVERY MECHANISMS IS KEY TO HOW THREATS EVOLVE

Attackers are opportunists

SURVEY COMPOSITION AFFECTS NUMBERS BUT NOT UNDERLYING TRENDS

Why are the survey results so different?
What can we learn from the results?
The scope and methodology of the selected surveys

RECOMMENDATIONS

Recommendations for enterprises
Evaluate the threats you face when determining security budgets
Do not underestimate the cost of a data breach
Prioritize defending against the most serious threats
Try to reduce the number of incidents caused by accidental errors
Recommendations for suppliers
Build product offerings around the protection of business processes that are under threat
Support online service providers that are building security services for the SME sector
Be alert to new threats
Alternative views
PCI compliance must be enforced
There is consistency across a broad range of security surveys

APPENDIX

Further reading
Source reports
Related Ovum reports
Methodology

LIST OF TABLES

Table 1: Survey composition


More Publications