Sunday, June 26, 2011

"Abuse of System Access / Privileges" is #1 Means for Stealing Intellectual Property and Classified Information

According to the Verizon 2011 Data Breach Investigations Report (DBIR), "Abuse of System Access / Privileges" is the top threat action type used to steal intellectual property and classified information.

Verizon's Real World Example
An example from the Verizon report is a Nigerian fraud ring that gained key positions within some of America’s largest banks which allowed them to steal personally identifiable information, access and/or create bank accounts, and other nefarious activities.
"Another lesson ... is the importance of quickly deprovisioning user access and privileges when they are no longer needed. Year after year we investigate breaches involving former employees or business partners." - Verizon 2011 Data Breach Investigations Report
Top Threat Types Used To Steal Intellectual Property and Classified Information
(excludes those only involving payment card data, bank account information, personal information, etc)
Learn how Veriphyr’s Identity and Access Intelligence as a service discovers abuse of system access and privileges - with no hardware and no on-site software.
The Verizon 2011 Data Breach Investigations Report (DBIR) provides a view of “What it means for the general community." This chart is part of Verizon effort to release some of the most-requested segmentations of the DBIR's 761 incidents to answer the question “what it means for specific segments.”

Sources:
(a) New views into the 2011 DBIR - Verizon Security Blog, June 23, 2011
(a) Verizon 2011 Data Breach Investigations Report - Verizon Security, Apr 19, 2011


No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.