BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers tap suppliers to target business

From: Lee J <lee () riskbasedsecurity com>
Date: Sat, 26 Oct 2013 09:11:38 +1100
http://www.cso.com.au/article/529811/hackers_tap_suppliers_target_business/

Insiders are still the main threat to an organisation’s information, but
outside hackers have caught up and are leaning on vendors and suppliers to
gain a foothold in their targets.

Information theft incidents known to have come from outsider hackers have
doubled in the past year to 35 per cent, according to the 2013 Kroll Global
Fraud Report.

The report, based on a survey of 901 executives at large companies across
the globe, also found that 17 per cent of those incidents stemmed from
earlier cyber attacks on suppliers and vendors, up from 5 per cent in the
2012 poll.

Information theft was the second most common type of fraud at 22 per cent,
with physical assets or stock continuing to lead at 24 per cent.

While the threat from outside hackers might seem an obvious concern for
most organisations, only 68 per cent of respondents said they invested in
IT security.

Meanwhile, the most commonly cited reason that execs gave for an expected
increase in exposure to fraud was the complexity of IT systems.

Still, when it comes to information theft, insiders remain the most common
threat, with 39 per cent of respondents who identified as victims claiming
their company knew the perpetrator.

Nearly a third of respondents hit by fraud said whistleblowers were the
first to report insider fraud. However, only 52 per cent said their
organisation had created whistleblower hotlines.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: