97% of cyber events could have been prevented!


A Verizon-Secret Service study* documents that as much as 97% of cyber events could have been prevented, or mitigated the damages, through the use of best practices:

  1. Monitor and filter outbound network traffic
  2. Ensure essential controls are met and regularly audit to in order consistent implementation
  3. Change default credentials
  4. Avoid shared credentials
  5. Implement a firewall or access control list (ACL) on remote access/administration services
  6. Utilize IP blacklisting
  7. Update anti-virus and other software consistently
  8. Audit user accounts
  9. Restrict and monitor privileged users
  10. Test applications and review codes
  11. Monitor and mine event logs
  12. Change the approach to event monitoring and log analysis
  13. Define ‘suspicious’ and ‘anomalous’ (then look for whatever ‘it’ is)
  14. Increase awareness of social engineering
  15. Train employees and customers to look for signs of tampering & fraud
  16. Create an incident response plan
  17. Engage in mock incident testing
  18. Secure business partner connections; and
  19. Eliminate unnecessary data and keep tabs on what is left

If you would like explanations and examples, I can help!

* http://www.verizonbusiness.com/about/events/2012dbir/

Recommend / Share :
Share it