WASHINGTON (4/24/14)--A new Verizon data security report reveals that many point-of-sale (POS) breaches could be prevented by taking basic security enhancement steps. Those steps include limiting remote access to networks, using POS devices only for their intended purpose, updating antivirus software and providing two-factor identification on the perimeter of networks.
The report, released Wednesday, was compiled from data on 1,367 confirmed data breaches and 63,437 security incidents that occurred in 95 separate countries. Fifty organizations provided information for the report.
The year 2013 may be tagged as the "year of the retailer breach," but a more comprehensive assessment of the information security risk environment shows it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems, Verizon said.
Through its data analysis, Verizon found that nine patterns described 92% of the confirmed data breaches cited in the report. "We find it simply astounding that nine out of 10 of all breaches observed by 50 global organizations over a full year can be described by nine distinct patterns," report author Wade Baker wrote.
The nine patterns are:
The Verizon analysis found that:
Web app attacks will continue to compromise networks if organizations do not regularly test their network and software security, and update their computer systems, Verizon said.
"Most organizations cannot keep up with cybercrime--and the bad guys are winning," Baker wrote. "But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically," he added.
Overall, Baker said, "organizations need to realize no one is immune from a data breach. Compounding this issue is the fact that it is taking longer to identify compromises within an organization--often weeks or months, while penetrating an organization can take minutes or hours."
For the full Verizon report, use the resource link.