Skip to content

97% of cyber events could have been prevented!

October 15, 2014

MAINTAINING FOCUS ON GOOD CYBER HYGIENE

A Verizon-Secret Service study* documents that as much as 97% of cyber events could have been prevented, or mitigated the damages, through the use of best practices:

  1. Monitor and filter outbound network traffic
  2. Ensure essential controls are met and regularly audit to in order consistent implementation
  3. Change default credentials
  4. Avoid shared credentials
  5. Implement a firewall or access control list (ACL) on remote access/administration services
  6. Utilize IP blacklisting
  7. Update anti-virus and other software consistently
  8. Audit user accounts
  9. Restrict and monitor privileged users
  10. Test applications and review codes
  11. Monitor and mine event logs
  12. Change the approach to event monitoring and log analysis
  13. Define ‘suspicious’ and ‘anomalous’ (then look for whatever ‘it’ is)
  14. Increase awareness of social engineering
  15. Train employees and customers to look for signs of tampering & fraud
  16. Create an incident response plan
  17. Engage in mock incident testing
  18. Secure business partner connections; and
  19. Eliminate unnecessary data and keep tabs on what is left

If you would like explanations and examples, I can help!

* http://www.verizonbusiness.com/about/events/2012dbir/

Advertisements

From → Cyber strategy

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: