Now that we’ve defined the actors, who are the victims? Financial institutions, retail stores and restaurants combined account for better than 60% of the breaches. 20% are accounted for by manufacturing, transportation, and utilities; And 20% are accounted for by professional services. By size approximately 60% of the breaches are directed against organizations of fewer than 1,000 employees and 40% are against organizations with more than 1,000 employees. This is a fairly even distribution between small and large. Let’s discuss which industries are typically targeted by which actors. Criminals target retail and food service establishments, as well as financial institutions because that is where the money is. Spies target industries which have proprietary information that gives them a competitive advantage in the market place. So, it follows that if you’re in manufacturing, transportation, or professional services, then you are more likely to be the target of espionage, because you have valuable proprietary information. Activists usually target the public sector and those in the information industry.
TTP
10
TTPInstallation of Malware Through Known Vulnerabilities
A little about phishing. Phishing works. People are going to click on links in emails, which will direct them to bogus websites, etc…..A scary statistic….two “spearphishing” campaigns directed at three individuals, run twice has a 80% success rate at getting someone to click on the link. So, it might be worthwhile to design mechanisms into your networks which restricts movement internally without the appropriate credentials.
What Can I Do to Prevent Breaches?http://www.sans.org/critical-security-controls
16
Presenter
Presentation Notes
What Can I Do to Prevent? At this point, I am going to point you directly to the SANS Twenty Critical Controls, available at: http://www.sans.org/critical-security-controls/