Channel-focused security firm Trustwave released Tuesday its 2016 Trustwave Global Security Report based on data from breach investigations as well as logged security and compliance events. The insights should help partners drive home the need for proactive security, especially for those serving the retail vertical — it was the most compromised industry, making up 23 percent of investigations, followed by hospitality and food and beverage.
Not surprisingly, 38 percent of investigations were around e-commerce breaches. While successful attacks on point-of-sale (POS) systems are down, they’re still an area of concern. In 60 percent of cases, attackers were after payment-card data. And, customers are unlikely to spot breaches themselves. Most, 59 percent, were spotted by a third party, and not quickly: A median of 168 days elapsed from intrusion to containment.
No company is safe, however, because cybercrime is a lucrative and well-organized business. Trustwave previously demonstrated how attackers launching a malware infection campaign could earn $84,100 from a $5,900 investment in just 30 days. In some cases, they’re operating on the cloud pay-as-you-go model so popular with customers, subscribing to a service that delivers access to a steady stream of new exploits.
Michael Petitti, SVP of Global Alliances for Trustwave, said the company hopes the information in the new report will enable its partners to deliver solutions that protect businesses in all industries from the latest threats. And in fact, besides data points that demonstrate the need for security, the 90-page report has extensive recommendations of security measures that Trustwave investigators recommend to mitigate the risk of data compromise. For example, the firm recommends ...