Monday 18th February, 2013

According to the ‘2013 Trustwave Global Security Report’ Cybersecurity threats are increasing as quickly as businesses can implement measures against them. The combination of business and IT transformation, compliance and governance demands and the onslaught of security threats continue to make the job of safeguarding data assets a serious challenge for organisations of all types.

Today, organisations need not only to understand current trends in security threats but also be able to identify inherent vulnerabilities within existing systems. In the 2013 Global Security Report, Trustwave tested, analysed and discovered the top vulnerabilities and threats that have the most potential to negatively impact organisations.

Key findings of 2012 and trends to watch in 2013 and beyond;

• Retail - for the first time in three years, the retail industry made up the highest percentage of investigations at 45%.
• E-commerce sites were the No. 1 targeted asset, accounting for 48% of all investigations.
• Mobile malware explodes by 400%. As organisations embrace mobility, mobile malware continues to be a problem
• Businesses are embracing an outsourced IT operations model.  In 63% of incident response investigations, a major component of IT support was outsourced to a third party. Outsourcing can help businesses gain effective, cost-friendly IT services; however, businesses need to understand the risk their vendors may introduce and proactively work to decrease it
• Businesses are slow to “self-detect” breach activity.  The average time from initialbreach to detection was 210 days, more than 35 days longer than in 2011. Most victim organizations (64%) took over 90 days to detect the intrusion.
• Basic security measures are still not in place.  “Password1” is still the most common password used by global businesses.