BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

How To Avoid Breaches Where You Least Expect Them

From: Lee J <lee () riskbasedsecurity com>
Date: Tue, 22 Oct 2013 20:26:02 +1100
http://www.darkreading.com/vulnerability/avoiding-breaches-where-you-least-expect/240162928


In the real world of constrained budgets and limited personnel,
prioritization of security resources is a must. Many departments prioritize
practices based on the severity of vulnerabilities, the value of a target,
and the likelihood of a threat hitting said target. However, the flip side
of that is to remember the real world is also a connected one. And as many
security experts can attest, enterprises often forget to account for how
attacks against the vulnerabilities in less critical systems can jeopardize
the crown jewels.

"Most companies focus their efforts on locking down vital assets, such as
the infrastructure, servers, mission-critical applications, and work
machines, and when assessing risk put too much emphasis on these as opposed
to other systems deemed not as vital," says Vann Abernethy, senior product
manager for NSFOCUS. "But we have seen attacks against these soft targets
that either led to serious damage or were used as a way into the systems
that were thought to be better protected."


[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: