Every company is a target.
No industry is safe, or immune to cyber-crime, and although technology in IT security has come a long way, the number of data hacking is growing.
Knowing your potential attacker is essential to being prepared to defend your company from hackers and to protect your data.
According to The Verizon 2013 Data Breach Investigations Report (DBIR), there are 3 types hackers :
Type 1: Activists (aka, Hacktivists) TARGET: Information, Public Sector, and other Service Industries DATA GOAL: To access personal information, credentials and internal data of the organization.
Type 2: Spies TARGET: Manufacturing, Professional Services, and Transportation Industries DATA GOAL: To access credentials, internal data of the organization, and intellectual property.
Type 3: Professional Criminals TARGET: Finance, Retail, and Food Industries DATA GOAL: They want stored credit card information, credentials, and bank account details of customers.
According to the DBIR, the first reason for hacks is financial gain at 75%.
So,your IT security team must act. They must be sure to protect where the relevant assets sits (i.e., POS controller, Database, File Server, Directory Server, Mail Server, etc.) immediately and completely.
Furthermore, most targets are breached by hacks, malware, or both.
We also must be aware that viruses and malware are constantly evolving, making it difficult for anti-ware to stay relevant fast enough to detect, alert, and/or destroy in time.
In addition, log-analysis and SIEMs have serious blind-spots, since not all applications have internal logging mechanisms. If an app is not being logged, your log-recording system is as good as nothing.
These issues should not and cannot be ignored. Educate yourselves immediately, so that you may reinforce your IT security with the best tools possible, and prevent intruders from taking advantage of your weaknesses.
original source: business2community