Cybercrime evolves – and so do the defences

A report by Trend Micro has revealed that the severity of attacks has increased against businesses in the second quarter of 2014. The report also revealed that organisations have to identify and understand their core data in order to protect both themselves and their customers.

Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014 as seen in Trend Micro’s second quarter security roundup report, “Turning the Tables on Cybercrime: Responding to Evolving Cybercrime Tactics.” The severity of these attacks intensified against financial and banking institutions as well as retail outlets. Total attacks have exposed more than 10 million personal records as of July 2014 and strongly indicate the need for organisations to adopt a more strategic approach to safeguarding digital information.

These incident attacks in the second quarter affecting consumer’s personal information included theft of data such as customer names, passwords, e-mail addresses, home addresses, phone numbers, and dates of birth. These types of personal privacy breaches have affected organisation’s sales and earnings while leaving customers unable to access accounts and dealing with service disruption. As a result many countries have begun developing stricter privacy and data collection policies to begin dealing with this problem.

As of July 15, 2014, more than 400 data breach incidents have been reported, creating the need for organisations to identify and understand their core data in order to protect and build an effective defense strategy to keep them secure. A change in mindset, organisations initially need to determine which information they regard as “core data” before devising a plan on how to protect it.

Enterprises must treat information security as a primary component of a long-term business strategy rather than handling security issues as tertiary, minor setbacks,” said Gregory Anderson, country manager at Trend Micro South Africa. “Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security.

Highlights of the report include:

Global law enforcement partnerships lead to arrests: By sharing research findings with law enforcement agencies, financial loss prevention from cybercrime has proven effective.

The reported attacks in the second quarter reveal that the wide spectrum of cyber threats can have a disastrous impact globally,” said Anderson. “Implementing a strategic incident response plan by forging collaborations, both internally and externally, will provide agencies and industries the resources to respond and protect against current threats to information security.

* Follow Gadget on Twitter on @GadgetZA