BA: First Line of Defense Against A Security Breach
May 2016 General Meeting
@ATLSPIN | @HansEckman
#BAOT | #PMOT
Stay Connected
Atlanta SPIN May 2016 General Meeting
o http://www.atlantaspin.org
o @ATLSPIN
Hans Eckman - HansEckman.com
o http://www.linkedin.com/in/hanseckman
o @HansEckman
o #BAoT – Business Analysis on Twitter
o #PMoT – Project Management on Twitter
©2015 Hans Eckman | @HANSECKMAN | HansEckman.com | #BAoT #PMoT 2
Disclaimers
Unless otherwise noted, all examples are from the Verizon “2015 Data Breach Investigations Report”.
The content in this presentation and discussion is THE SOLE RESPONSIBILITY OF HANS ECKMAN and does not express the views of SunTrust Bank.
This presentation contains NO SunTrust Bank information, examples, policies or approaches.
Welcome
This session is for you, so please participate.
This is a high level introduction to general security terms and topics that business analysts should consider during a project.
No animals were harmed during the creation of this presentation. Please support your local rescue groups.
Introduction
https://youtu.be/F7pYHN9iC9I
Why is the BA the First Line of Defense?
Requirements are the first opportunity to protect against errors and data breaches.
Early discussions can save countless hours of rework.
The BA must be the advocate for access control, data integrity and security, as well as for the business needs.
Security and Fraud Prevention are important business needs.
Data Breach Hall of Fame – Tom’s Guide Top 10
1. Heartland Payment Systems, 2008-2009: 130 million
2. Target Stores, 2013: 110 million
3. Sony online entertainment services, 2011: 102 million
4. National Archive and Records Administration, 2008: 76 million
5. Anthem, 2015: 69 to 80 million
6. Epsilon, 2011: 60 to 250 million
7. Home Depot, 2014: 56 million payment cards
8. Evernote, 2013: More than 50 million
9. Living Social, 2013: More than 50 million
10. TJX Companies Inc., 2006-2007: At least 46 million
Honorable mention: Sony Pictures Entertainment, 2014: Company's inner workings completely exposed
Source: http://www.tomsguide.com/us/biggest-data-breaches,news-19083.html
Data Breach Story - Target
November 27 to December 18, 2013 [Delayed discovery]
Phishing email installed Citadel (a Zeus variant) on Fazio Mechanical (refrigeration contractor) computers. [Phishing, Inadequate Anti-virus]
Hackers used Fazio Mechanical's login to gain access through Target’s Ariba supplier portal. [Single Factor Authentication]
Hackers exploited vulnerabilities in Windows servers. [SQL injection attack]
Trojan.POSRAM was used to copy credit/debit card data from RAM on Target's POS systems.
$252 million cost to date
Source: http://www.zdnet.com/article/anatomy-of-the-target-data-breach-missed-opportunities-and-lessons-learned/
What Happens When You Don’t Take Action
On average, 80% of breaches come from external actors.
23% of recipients now open phishing messages and 11% click on attachments. Nearly 50% open emails and click on phishing links within the first hour.
99.9% of the exploited vulnerabilities were compromised more than a year after the CVE (Common Vulnerabilities and Exposures) was published.
0.03% of all mobile devices are compromised each day.
The forecasted average loss for a breach of 1,000 records is between $52,000 and $87,000.
55% of internal incidents were privilege abuse.
Loss due to errors:
o 30% Sensitive information reaching incorrect recipients
o 17% Publishing nonpublic data to public web servers
o 12% Insecure disposal of personal and medical data
Tiers of Security
Prevent Unauthorized Access
Allow Authorized Access
Control Access and Activity
Detect Activity
Resolve Issues
Security Landscape
Identity Access Management
Records Management
Physical*
Network*
Fraud
*Network and physical security are not typical requirements in software projects.
Identity Access Management (IAM)
Access
Fine grain entitlements
Where to manage
o Centralized: shared repository
o Distributed: within each application
Identity
Coarse grain entitlements
Authentication method
o Challenge response
o Adaptive
User Identity Access Permissions
Understanding Adaptive Authentication
Risk based approach
o Step-up authentication
Multifactor examples
o IP blocking: restrict access by provider and/or network
o Location: Geo-blocking, Geo-profiling
o Trusted device
o Biometric: prints, facial, shake
o Token: Time-based key
o Temporary key: SMS, email, phone
o User defined factor (e.g. account image, nicknames)
o CAPTCHA
Third party identity
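The risk-based, step-up idea on this slide, as an added example that is not part of the deck: a login attempt is scored from the factor categories listed above (IP blocking, geo-blocking and geo-profiling, trusted device, repeated failures) and the score selects allow, step-up to a second factor, or block. Networks, countries, weights and thresholds are constructed policy values, not anyone's real rules.

```python
"""Risk-based (adaptive) authentication: score a login attempt from a few
signals and decide whether to allow it, step up to a second factor, or block.
Added illustration; the deck contains no code. Networks, countries, weights
and thresholds below are constructed policy values, not anyone's real rules."""
from dataclasses import dataclass, field
import ipaddress

BLOCKED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]  # IP blocking (TEST-NET-3)
ALLOWED_COUNTRIES = {"US", "CA"}                              # geo-blocking
STEP_UP_THRESHOLD = 30   # at or above: require a second factor
BLOCK_THRESHOLD = 70     # at or above: deny outright


@dataclass
class LoginAttempt:
    user: str
    source_ip: str
    country: str                    # country resolved from source_ip
    device_trusted: bool            # device previously enrolled by this user
    usual_countries: set = field(default_factory=set)  # geo-profiling history
    failed_attempts: int = 0        # recent failures for this user


def score_risk(a: LoginAttempt) -> tuple:
    """Return (score, reasons); higher means riskier. Hard blocks get a
    weight that alone exceeds BLOCK_THRESHOLD."""
    score, reasons = 0, []
    ip = ipaddress.ip_address(a.source_ip)
    if any(ip in net for net in BLOCKED_NETWORKS):
        score += 100
        reasons.append("ip-blocked")
    if a.country not in ALLOWED_COUNTRIES:
        score += 100
        reasons.append("geo-blocked")
    if a.usual_countries and a.country not in a.usual_countries:
        score += 25
        reasons.append("unusual-location")   # geo-profiling
    if not a.device_trusted:
        score += 30
        reasons.append("untrusted-device")
    if a.failed_attempts >= 3:
        score += 25
        reasons.append("repeated-failures")
    return score, reasons


def decide(a: LoginAttempt) -> dict:
    """Map the score to an outcome. 'step-up' is where a time-based token,
    SMS/email key or similar second factor would be demanded."""
    score, reasons = score_risk(a)
    if score >= BLOCK_THRESHOLD:
        action = "block"
    elif score >= STEP_UP_THRESHOLD:
        action = "step-up"
    else:
        action = "allow"
    return {"action": action, "score": score, "reasons": reasons}


if __name__ == "__main__":
    for attempt in (
        LoginAttempt("bob", "198.51.100.7", "US", True, {"US"}),
        LoginAttempt("bob", "198.51.100.7", "US", False, {"US"}),
        LoginAttempt("bob", "198.51.100.7", "CA", False, {"US"}, failed_attempts=3),
        LoginAttempt("bob", "203.0.113.9", "US", True, {"US"}),
    ):
        print(attempt.source_ip, attempt.country, decide(attempt))
```

A new device alone is enough to demand a second factor here, while a new device plus an unusual country plus repeated failures is denied; the same user from a trusted device in a usual country passes with a password only.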
IAM – Mapping Identities
Which “Bob” is the User?
Bob
Bob
Bob and Ginny
Bob and Paul
Sponge, Bob
IAM – Password Risks
Social Media Accounts
2014 Common Passwords:
1. 123456
2. password
3. 12345
4. 12345678
5. qwerty
6. 123456789
7. 1234
8. baseball
9. dragon
10. football
11. 1234567
12. monkey
13. letmein
14. abc123
15. 111111
16. mustang
17. access
18. shadow
19. master
20. michael
21. superman
22. 696969
23. 123123
24. batman
25. trustno1
Source: http://gizmodo.com/the-25-most-popular-passwords-of-2014-were-all-doomed-1680596951
IAM – Entitlement Requirements
Unclear entitlements
o What can a user actually View/Modify/Delete?
o Embedded groups/inherited permissions
o Assumed requirements or constraints that aren’t adequately documented
Segregation of Duties (SOD)
Least Privilege Access
The top action (55% of incidents) was privilege abuse
Financial gain and convenience being the primary motivators (40% of incidents)
Records Management
Record
Changes
Versioning
Transport
Storage
Retention
Record Management – Key Concerns
Updates and Versioning
o Tied to fine grain entitlements
o Do you care who/how data was changed? Updated?
o How will versions be used? Forensic analysis only?
Encryption
o Only protects against a breach that originates outside your system
o Should include seeding
o Can be bypassed by repetitive data (e.g. password duplication)
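The seeding and repetitive-data bullets above, as an added example that is not part of the deck: "seeding" is read here as a per-record random salt (my reading), and password hashing stands in for the encrypted store the slide describes, since password duplication is the example it gives. Without a salt, two users with the same password produce the same stored value, which anyone holding a copy of the store can spot without breaking anything; with a salt the values differ. The sample users are constructed.

```python
"""Why 'seeding' matters for stored secrets: without a per-record random
salt, identical inputs produce identical stored values, so anyone holding a
copy of the store can see which users share a password without breaking
anything. Added illustration; the deck has no code. Sample users below are
constructed; 'seeding' is read here as salting, and password hashing stands
in for the encrypted store the slide describes."""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

USERS = {"alice": "Winter2015!", "bob": "Winter2015!", "carol": "trustno1"}
ROUNDS = 100_000  # PBKDF2 iteration count (constructed; tune for your hardware)


def unseeded_digest(password: str) -> str:
    """Plain SHA-256 of the password: deterministic, so duplicates collide."""
    return hashlib.sha256(password.encode()).hexdigest()


def seeded_record(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """PBKDF2-HMAC-SHA256 with a fresh 16-byte random salt per record.
    The salt is stored next to the derived key; it is not secret."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return salt, dk


def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, dk = seeded_record(password, salt)
    return hmac.compare_digest(dk, stored)


def find_duplicates(table: Dict[str, str]) -> List[List[str]]:
    """What someone holding the store can do for free: group users whose
    stored values are byte-for-byte identical."""
    by_value: Dict[str, List[str]] = {}
    for user, value in table.items():
        by_value.setdefault(value, []).append(user)
    return [users for users in by_value.values() if len(users) > 1]


def build_tables():
    """Return (unseeded, seeded, seeded_hex) stores for USERS."""
    unseeded = {u: unseeded_digest(p) for u, p in USERS.items()}
    seeded = {u: seeded_record(p) for u, p in USERS.items()}
    seeded_hex = {u: dk.hex() for u, (_, dk) in seeded.items()}
    return unseeded, seeded, seeded_hex


if __name__ == "__main__":
    unseeded, seeded, seeded_hex = build_tables()
    print("unseeded duplicates:", find_duplicates(unseeded))   # [['alice', 'bob']]
    print("seeded duplicates:  ", find_duplicates(seeded_hex))  # []
    salt, dk = seeded["alice"]
    print("alice verifies:", verify("Winter2015!", salt, dk))
```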
Record Management – Key Concerns
Storage
o Will the record be used by more than one system? BI applications?
o If used outside the system of record, does the record bypass fine grain entitlements?
Retention
o Must comply with all corporate, compliance and regulatory requirements.
o Keeping records longer than needed can cause more harm than deletion (legal discovery).
o Must be consistently applied.
Fraud Management
Change: starts with a change (access, record, config)
Awareness: the system or a user must be aware of the change to determine risk
Validation: validate whether the change exceeds risk tolerance
Action: if action is required, the remediation process must be defined
Resolution
Fraud Analytics
Project System
Data Loss
Data Correlation
Data Integrity
System Access
Activity Monitoring
Appendix
Verizon “2015 Data Breach Investigations Report”
Interesting Facts
Verizon “2015 Data Breach Investigations Report”
Source: Verizon “2015 Data Breach Investigations Report”
~80% of breaches are external.
[Chart labels: Credentials, RAM Scraper, Spyware/Keylogger, Phishing]
In 60% of cases, attackers are able to compromise an organization within minutes.
Phishing Attacks
23% of recipients now open phishing messages and 11% click on attachments.
Nearly 50% open emails and click on phishing links within the first hour.
For two years, more than two-thirds of incidents that comprise the Cyber-Espionage pattern have featured phishing.
Over 9,000 domains and 50,000 phishing URLs tracked each month.
99.9% of the exploited vulnerabilities were compromised more than a year after the CVE (Common Vulnerabilities and Exposures) was published.
Ten CVEs account for almost 97% of the exploits.
Half of the CVEs exploited in 2014 fell within two weeks.
Mobile Malware
I got 99 problems and mobile malware isn’t even 1% of them.
Out of tens of millions of mobile devices, the number infected with truly malicious exploits was negligible (0.03%).
Cost of Data Breaches
The forecast average loss for a breach of 1,000 records is between $52,000 and $87,000.
[Chart: Incident Classification - Confirmed Data Breaches]
[Chart: Web App Attacks]
Insider Misuse
The top action (55% of incidents) was privilege abuse
Financial gain and convenience being the primary motivators (40% of incidents)
Miscellaneous Errors
System administrators were the prime actors in over 60% of incidents.
• Sensitive information reaching incorrect recipients 30% of incidents
• Publishing nonpublic data to public web servers 17% of incidents
• Insecure disposal of personal and medical data 12% of incidents
JAN: SNAPCHAT
• 4.5 million compromised names and phone numbers
FEB: KICKSTARTER
• 5.6 million victims
MAR: KOREAN TELECOM
• One of the year’s largest breaches affected 12 million customers
APR: HEARTBLEED
• First of three open-source vulnerabilities in 2014
MAY: eBAY
• Database of 145 million customers compromised
JUN: PF CHANG’S
• Most high-profile breach of the month
JUL: ENERGETIC BEAR
• Cyberspying operation targeted the energy industry
AUG: CYBERVOR
• 1.2 billion compromised credentials
SEP: iCLOUD
• Celebrity accounts hacked
OCT: SANDWORM
• Attacked a Windows vulnerability
NOV: SONY PICTURES ENTERTAINMENT
• Highest-profile hack of the year
DEC: INCEPTION FRAMEWORK
• Cyber-Espionage attack targeted the public sector
Internet of Things
Verizon experts predict that there will be over 5 billion IoT devices by the end of this decade.