IT Security: Mid-Year Gut Check
Is your stomach turning, or do you feel a calm satisfaction, halfway through 2011? What seemed like a relatively calm 2011 during the first couple of months has turned into a banner year of breaches. The forecast could qualify as "In like a lamb, out like a lion," as they say. When thinking about this post, and even as I started typing a couple of sentences ago, I was planning on reviewing the trends of the last 6 months: looking at the 2011 Verizon Data Breach Investigations Report and how the total number of compromised records has decreased even if the number of cybercrime caseloads has increased; examining some recent cloud surveys to see if security is still a top concern; reviewing the latest Ponemon Institute study, which says that a cyber attack and potential breach is a statistical certainty, with 90% of businesses surveyed reporting at least 1 security incident over the last 12 months; the 2010 Symantec/Ponemon Data Breach Loss Report from this past March, which calculated that the average cost to a company was $214 per compromised record and $7.2 million over the entire organization; a little on the rise of hacktivism; along with how human behavior plays an important role in many breaches.
As I was doing a little research, gathering up links, stats and other resources for this story, I ran across this chart from IEEE and I had to share it. It's called The Two Faces of Hacking. It looks at the 25 biggest and best breach stories and maps them based on innovation and impact. I would suggest visiting the original site, since there is some interaction with the chart (good, bad and neutral hacks) and links to each of the stories. Maybe I should have titled this blog Hacks: The Good, The Bad, and The Neutral.
The story links are interesting, like the Torturing the Secret out of a Secure Chip hack, The Steampunk Contraptors and, of course, Hands On about the RFID guinea pig, but I was surprised that the digital certificate breach didn't make the list. Anyway, this chart seemed like the perfect way to review the past and ponder the future.
- The Two Faces of Hacking
- And The Hits Keep Coming
- Unplug Everything!
- Technology Can Only Do So Much
- 3 Billion Malware Attacks and Counting
- The Big Attacks are Back…Not That They Ever Stopped
- Has The Sky Cleared on Cloud Security?
- Defense in Depth in Context
- Where Do You Wear Your Malware?
- Cure Your Big App Attack
- F5 Friday: Eliminating the Blind Spot in Your Data Center Security Strategy