Here's an interesting new study from
Threat Track Security, a "blind survey of 200 security professionals dealing with malware analysis within U.S. enterprises." From the
release:
ThreatTrack Security today published a study
that reveals mounting cybersecurity challenges within U.S. enterprises.
Nearly 6 in 10 malware analysts reported they have investigated or
addressed a data breach that was never disclosed by their company.
These results suggest that the data breach epidemic - totaling 621 confirmed data breaches in 2012, according to Verizon's 2013 Data Breach Investigations Report
- may be significantly underreported, leaving enterprises' customers
and data-sharing partners unaware of a wide array of potential security
risks associated with the loss of personal or proprietary information.
Moreover, the largest companies, those with more than 500 employees, are
even more likely to have had an unreported breach, with 66% of malware
analysts with enterprises of that size reporting undisclosed data
breaches.
Despite their gravity, the reasons behind these breaches are rather funny:
malware analysts revealed a device used by a member of their senior leadership team had become infected with malware due to executives:
- Visiting a pornographic website (40%)
- Clicking on a malicious link in a phishing email (56%)
- Allowing a family member to use a company-owned device (45%)
- Installing a malicious mobile app (33%)
No comments:
Post a Comment