thewayne: (Default)
[personal profile] thewayne
Verizon does an annual study of data breaches. It would appear that the larger repositories may have improved security, forcing would-be attackers to smaller, more vulnerable targets. Of course, the Epsilon breach may reverse the trend when 2011 statistics become available. The report also postulates that, with the Heartland data breach, the market for stolen credit card numbers has become flooded and thus devalued.

The H-Online article is a very good read and links to Verizon's report.

http://www.h-online.com/security/news/item/Report-more-breaches-but-fewer-records-compromised-in-2010-1230732.html

Date: 2011-04-20 05:49 pm (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
We can only hope, then, that whatever techniques the large people use for data security will become available and/or affordable to smaller entities as well, especially if those larger entities do a lot of outsourcing of their work.

Date: 2011-04-20 09:16 pm (UTC)
From: [identity profile] thewayne.livejournal.com
I believe the report mentioned that there are still an amazing number of systems compromised that were mis-configured or mis-managed, such as being vulnerable to SQL injection attacks. To me, this indicates that a lot of the attacks are still being perpetrated by script kiddies.

Date: 2011-04-20 10:50 pm (UTC)
From: [personal profile] silveradept
Makes sense. Do most programs come with sensible and secure defaults now, or do you still have to know what you're doing to get them set up properly?

Date: 2011-04-21 12:10 am (UTC)
From: [identity profile] thewayne.livejournal.com
I think it's really a mixed bag and you still should know what you're doing when it comes to deploying servers that face the internet. Myself, I don't consider myself qualified to do such; it's been a long time since I studied routers and firewall configuration.

Date: 2011-04-21 11:10 pm (UTC)
From: [personal profile] silveradept
I don't think I'd ever be able to do something like that, so I guess people still need to do a thing or two for sysadminning.

Date: 2011-04-21 11:13 pm (UTC)
From: [identity profile] thewayne.livejournal.com
It's very specialized as most IT is. You need to know how to secure your server, you need to know how to secure any apps that can be accessed from the internet, you need your routers and firewalls to be secure yet still allow access to services from the internet, etc.

It ain't easy. There's a lot of things that you have to get right, and getting one thing wrong can undo the fact that you got 95% of everything else done properly and securely.

Date: 2011-04-21 11:18 pm (UTC)
From: [personal profile] silveradept
Definitely wish there were safe and secure, sane defaults associated with all of those things, then.
