Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Organised crime accounted for 85 per cent of all data stolen in external attacks on companies, according to a report carried out by Verizon Business in conjunction with the US Secret Service.
The 2010 Verizon Data Breach Investigation Report used confidential information logged on the Verizon Incident Sharing Framework (PDF) alongside information provided to the Secret Service.
The figures also found a larger amount of data being lost within organisations than previously noted, but external attacks remain the number one way in which data is stolen with 69 per cent of all breaches.
"By adding our data to the Secret Service's, we were able to build up a better picture of data breaches, with many results found to be the same as earlier reports," said Matthijs van der Wel, managing principal for the forensics team at Verizon.
"The data we have now gathered, from both the US and worldwide, provides organisations with a clearer insight into the threats they face, and information on where they need to protect themselves against these risks."
Van der Wel added that 49 per cent of thefts that occur from inside an organisation are caused by employees abusing privileges, and that companies need to apply better data management policies to clamp down on this trend.
"Many organisations give employees too much access to certain levels of data. They should instigate more rigid controls to ensure that staff only have access to data they need, say, information from the last week or month," he said.
Companies should also look beyond simple username and password access to data, and use second factor authentication processes to prevent lost or stolen credentials being used to gain information.
Furthermore, data breaches occur most often via servers and online applications, but 87 per cent of victims had evidence of the breach on log files, yet failed to spot it.
"Many firms say it is impossible to spot a data breach in their log files, but we would suggest that if they look for anomalies in the amount of log-files, they could spot irregular patterns and find breaches this way," he said.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.