Submitted by: Submitted by idhris
Views: 115
Words: 1963
Pages: 8
Category: Science and Technology
Date Submitted: 02/19/2014 01:57 AM
Advanced Persistent Threat (APT)
Lethal Combination of Social Engineering and Technology
June 6th, 2011
Agenda
Headlines Data Loss Perspectives • • • • • • • The Bottom Line of Data Loss What is at Risk Data at Risk Conduits Threats Those Most Affected Professional Hacking
Case Studies APT Case Studies • Google • RSA APT Explained • • APT Definitions How APT works
What can we do? Key take a ways
2
© 2011 Protiviti Inc.
From the Headlines
3
© 2011 Protiviti Inc.
The Bottom Line of Data Loss
9.5 million consumers were victims of identity theft in 20101. The total fraud loss amount was $500 Million2. The average loss to organizations in 2010 was nearly $400,0003. The average consumer victim spent 21 hours and $373 to resolve the crime4. More than 84.3% of e-mail is Spam 52% of data theft occurred over the Web5 Industry standards, such as PCI compliance, will help reduce the risk.
2The
ITRC Breach Report 2010 Verizon Business Data Breach Investigations Report 32010 Cybercrime Security Survey 4Javelin Strategy and Research, 2009 5 Web Sense 2010 Threat Report
12011
4
© 2011 Protiviti Inc.
What Are The Risks?
The risks are more than just immediate monetary impact:
Litigation Reputation Loss Loss of System Availability Lost Productivity Loss of Intellectual Property Regulatory Fines
5
© 2011 Protiviti Inc.
Types of Data at Risk and Detection of Breach
• In a trend consistent with pre-2009 levels, the food and beverage and retail industries shouldered the brunt of data breaches accounting for 75% of all investigations. • As with prior years, the majority of incident response caseload consisted of payment card data breaches. • The targeting of payment card data is expected, as payment card fraud is an established business, and this data can be easily sold or laundered through established black market networks to realize financial gain.
© Trustwave Global Security Report 2011
6
© 2011 Protiviti Inc....