Top Cyber-Threats: Ransomware, Insiders and DoS
When it comes to securing sensitive corporate data, the top three threats facing organizations are ransomware, insider threats and denial-of-service (DoS) attacks, according to the "2017 SANS Data Protection Survey," conducted by the SANS Institute and sponsored by Infoblox. The majority of survey respondents reported threats to their data over the past 12 months, but they escaped actual compromise. However, enough of them did lose sensitive data to provide valuable lessons. User credentials and privileged account information, known as access data, represented the most common data types involved in these breaches. "Access data is proving more desirable to hackers than sensitive data being targeted for financial gain or for destruction with ransomware because it opens the door to significantly more exploitation opportunities," said Sean Tierney, director of threat intelligence at Infoblox. The survey results indicate that businesses need to better understand their sensitive data and the ways that technology can help reinforce policies and procedures to protect that data. "Organizations still relying solely on manual processes—59 percent of the respondents—open up their networks and customer data to highly automated, targeted attacks," Tierney added. The survey included more than 250 IT security administrators, analysts, architects and other IT experts. Respondents came from predominantly small and midsize organizations, mostly in the United States, across a wide variety of industries.