IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Cybersecurity
#
Malware
#
IBM
Attackers sharpen skills, so must CISO's
Fri, 27th Sep 2013
FYI, this story is more than a year old
By Staff Writer
Follow us

Chief Information Security Officers (CISO’s) must increase their knowledge of the current vulnerability and attack landscape, such as mobile and social technologies, to more effectively combat emerging security threats.

For over 15 years, IBM X-Force has been tracking trends and emerging threats, with the tech giant releasing the 2013 mid-year trend and risk report which highlights some of the key findings in the industry.

For CISO’s, it’s no surprise that tried and true attack tactics can cause the most damage to an enterprise.

"Known vulnerabilities left unpatched in Web applications and server and endpoint software, create opportunities for attacks to occur," the report says.

"These unpatched applications and software continue to be facilitators of breaches year after year."

However, the latest X-Force report also recognises that attackers are improving their skills, which allows them to increase their return on exploitation, capitalising on users’ trust when it comes to new vectors like social media, mobile technology and waterhole attacks.

Attackers are optimising their operations around many key initiatives which include a path of least resistance to reach the largest number of potential targets for the minimal amount of exploit effort.

For example, attackers are optimising:

• The exploitation of trust via social media.

• Coordinated operations leaking user data as well as exploiting weak entry points into global brands such as foreign local language or franchise sites.

• Mobile malware with Android devices as the market expands.

• Take over of central strategic targets to access and exploit a broader base of end users.

• Diversion and distraction techniques which throw security administrators off path, while breaching targets under the cover.

To read the report in full click here

Related stories
GitHub's 2FA initiative helps secure software supply chain
AI tools linked to data exposure in 1 in 5 UK organisations
Gen AI optimism high in ANZ but cybersecurity concerns loom
NetApp 2024 report uncovers 'disrupt or die' era powered by AI
ANZ senior leaders caution over cybersecurity, global figures differ
Top stories
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Dropbox unveils new features for remote work, enhances Microsoft integration
Top tips for renovating your revenue management function in FY2025
New report reveals stark divide in global AI progression
How to ensure your finance transformation project is an unqualified success