Verizon 2016 DBIR: Action Steps and Best Practices for a More Secure Future

It’s time to get serious about developing and implementing a security action plan

istock 81819133 small

When it comes to matters of IT security, talk is cheap. Despite ongoing concern about the continuously changing threat landscape, it’s time to turn strategy into action by putting the right security platforms and policies in place to adequately protect the enterprise.

And the first line of defense must be internal: Despite attempts to promote security awareness, internal users are still a major source of data breaches and security snafus, according to Verizon’s 2016 Data Breach Investigations Report (DBIR).

In many cases, cybercriminals are successful because they already have the keys, whether it’s exploiting known vulnerabilities that have yet to be patched; leveraging weak, default, or stolen passwords; or accessing assets through what should now be familiar social engineering schemes. The Verizon 2016 DBIR found that almost a third (30%) of phishing messages were opened, up from 23 percent in 2014, and 12 percent of targeted users went on to open the malicious attachment or click on the link.

But there’s good news: IT can curtail many of these threats by getting serious about a security action plan. The Verizon 2016 DBIR offers a range of best practices designed to help organizations ward off the most common threats, from Web App attacks to insider misuse:

  • Consult the Verizon 2016 DBIR to understand how and why cybercriminals are targeting your specific organization. The report found that 95 percent of breaches fit into nine major incident patterns, and in each sector, the lion’s share of attacks (75%) typically fit the same three patterns, which vary according to industry.
  • Establish a methodical process for vulnerability remediation and patching threats that target both known exploits and those “in the wild.” The top 10 vulnerabilities account for 85 percent of successful exploit traffic, according to the Verizon 2016 DBIR.
  • Table single-factor authentication in favor of two-factor authentication schemes. Moreover, to fully safeguard sensitive data, include full-disk encryption as part of the standard build for all mobile devices and removable media.
  • Segment the network and segregate systems to limit the impact of a breach beyond a single compromised workstation. Companies with POS environments should separate this system from the corporate LAN to eliminate visibility from the open Internet.
  • Embrace log files and change management systems to catch early warnings of a breach. Pay attention to endpoint protection, including regular updates of anti-virus software and Endpoint Threat Detection and Response (ETDR) systems. Implement spam protection and perform static and dynamic analysis of URLs and email attachments to ward off email-based attacks like phishing.
  • Don’t underestimate the importance of security awareness. In addition to training IT staff, work with HR and executive management to educate all employees on the importance of security best practices through ongoing training as well as employee orientation.
  • Take time to evaluate the ability of potential providers and partners to protect your services and infrastructure. Remember that outside providers play a key role in safeguarding enterprise assets.

For more details on these best practices, along with a breakdown of key threats by industry, view the entire Verizon 2016 DBIR here.


Copyright © 2016 IDG Communications, Inc.