LOGIN | REGISTER NOW | SUBSCRIBE
 
Print

Cybercrime: How organizations can protect themselves


By Suzanne Kattau


 Suzanne Kattau
Email
August 17, 2012 —  (Page 3 of 6)
The third attack type is extraction, where you are extracting data from the victim. The victim could be an individual or the victim could be an enterprise.

So then you have the fourth attack type, which is manipulation. This is where you are manipulating data, changing it or deleting it, maybe. And that can be pretty nasty as well. And the thing about them, I think, is that attacks are very often carried out in such a way as to avoid detection, prevent remediation, and enable repeat attacks. An example would be one of our members in the financial service space who did actually find that it had been attacked with a manipulation type of attack. They managed to isolate it, they managed to take the system down, rebuild it over a two-week period, and put it back up again. And within two days, they had been attacked again in the same area. So, it is not the sort of thing that you particularly want to have happen, but it does happen out there, and we need to be aware of it.

How can enterprises handle the BYOD trend when it comes to securing the devices?
In terms of the tools and devices and so on that people are using, if we get into BYOD or personal devices, it is about, first of all, making sure you have clarity around what people can and cannot do with those devices. Are you, for example, going to allow them to access Facebook on the same device that they’re accessing your corporate system? And how are you going to manage those devices? So you then get into ownership issues. If you have provided the device, then you have rights over how you can monitor it or how you can remote manage it. If it’s somebody else’s device, you don’t have the same rights. People would have to agree to allow you access to their devices.

So, a lot of it is thinking about the policies and the governance that you’re putting in place in order to deal with a BYOD environment. Many organizations haven’t gone through that process and that, obviously, is opening them up to certain threats and vulnerabilities. So some of these things sound very, very simple, but it is about just sort of standing back and thinking these things through from an enterprise standpoint, and deciding how you’re going to deal with some of these things.


Related Search Term(s): cybercrime, security

Pages 1 2 3 4 5 6 


Share this link: http://sdt.bz/36876
 
Most Read  Latest News  Resources
SAP unveils SAP HANA platform innovations for Big Data and spatial processing
Features include smart data access and expanded cloud deployment options
Alteryx raises $12 million to put Big Data analytics in the hands of all business analysts
Quest founder's firm, Toba Capital, selects Alteryx as its first analytics investment
Google I/O kicks off
Developers get new APIs and tools, and the Go language hits version 1.1
Jelastic launches new version of its Java and PHP hosting platform
Jelastic today announced the launch of a new version of its ultra-scalable cloud hosting platform
Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter


close
NEXT ARTICLE
Cigital Develops Ready-to-Use Tools for Securing the Smart Grid
Cigital Inc. announced the release of the Guide to Developing a Cyber Security and Risk Mitigation Plan Read More...
 
 
 




News on Monday  more>>
Android Developer News  more>>
SharePoint Tech Report  more>>
Big Data TechReport  more>>

   
 
 

 


Download Current Issue
MAY 2013 PDF ISSUE

Need Back Issues?
DOWNLOAD HERE

Want to subscribe?