Leaving cybersecurity solely to the IT department is irrational in today’s competitive world. While it may be difficult for an executive with a non-IT background to have a firm understanding of IT security, the solution for the executives is to leave the technicality to the technical guys, but know the technical management themselves. Understanding the threat environment, including potential risks, is an important aspect of information security management. Careful study of tools like the Verizon Data Breach Investigations Report (DBIR) provides insight into the most predominant threats. This year’s report, DBIR 2016, discusses several major types of data breaches.
Phishing
Phishing is masquerading as a trusted entity to steal valuable information from the entity’s users or customers. The information can be usernames, passwords, credit card data, or other personal data. Normally, phishing is done through social engineering, techniques that persuade or trick a user to take some action the user would not otherwise take, such as following some malicious link or opening an attachment containing malware.
The 2016 DBIR reports that phishing has been mainly used for installing persistent malware. Persistent malware is malicious software that keeps coming back regardless of efforts to remove it. These malware are often able to modify the system registry; that is how they remain on the system for long. Executives should know the prevalence of phishing and understand how malicious parties use phishing to place persistent malware on the organization’s systems and steal sensitive data from the system. DBIR 2016 also recommends measures to curtail the phishing threat: isolate the infected system or systems and then disinfect them selectively.
Web Application Attacks
Web applications are a good way to reach customers and promote businesses. Today’s websites are dynamic and interactive; many require login credentials to view member areas with additional accesses and privileges. The downside of these additional accesses are the lucrative playground they create for malicious parties. Hacked user credentials may compromise the backend web servers and enable enemies to gain a strong foothold within an organization’s system.