Employee negligence is the main cause of data breaches, according to a state of the industry report by Shred-it, an information security company. The report found that 47 percent of business leaders said human error such as accidental loss of a device or document by an employee had caused a data breach at their organization.
Over 1,000 small business owners and C-suite executives in the United States were surveyed online in April for the report.
In 2017, data breaches cost companies an average of $3.6 million globally, according to a separate report from the Ponemon Institute.
For smaller businesses especially, that price tag could wipe out the entire firm. For a company of any size, a data breach can also cheapen a company's brand and negatively impact their ability to do work, according to Shred-it.
During the RSA 2018 conference, Lastline launched Breach Defender, a new solution to facilitate the analysis of suspicious anomalies in monitored networks. As part of our internal product QA leading up to any release, we often coordinate with our partners to carry out tests on real data. During our most recent iteration, we happened to detect a port scan within the network of one of our customers (you can see a screenshot of the UI in Figure 1; the orange node represents the event). Normally we tend to gloss over port scans, although we still generate an informational event, as they are often used as part of network security policy to identify hosts running unexpected services. Overall, they are often part of the background noise, and most commonly they are just used to decorate some network activity maps.
Security operations (SecOps) teams have some of the hardest jobs around. They are faced with growing volumes of security data: 77% of enterprises add one terabtye of security data a month.
Could you separate the signal from all that noise? Well, now you can put yourself in the place of a security analyst and find out. Introducing the “Separating the Signal from the Noise” interactive demo from McAfee.
Moving to the latest 100 threat reports that specifically target the finance industry we can see that we have captured a Microsoft Office-based campaign. Various office file extensions comprise 62% of the recent file types with the remaining 38% being Portable Executable Files (see Figure 1).
Of the recent file types, 69% are Unclassified in terms of the specific type of malware detected. This means that at time of submission to Lastline they had already been submitted to VirusTotal, but there was no positive detection of maliciousness (see Figure 6). The unclassified rate for Microsoft Office files is 99% in this time frame.