Is information security a sharp-edged sign reading "strangers keep away", so that once an enterprise runs into trouble it can only fend for itself?
In the real world, enterprises face a wide range of security threats, but the real danger is that an enterprise believes it is secure enough while the threat has already infiltrated it and is waiting to strike.
Ashley Madison, the world's largest extramarital affair site, was hacked. Its users included politicians from many countries and executives of many of the world's top companies; even those who had joined only briefly and then changed their minds and left were discredited by the breach.
The US retail giant Target had only just received PCI-DSS compliance certification in September, but was attacked in November. Within two months, the data of about 110 million users was leaked, including not only personal information but even the three digits on the back of the card. The buying and selling of the stolen information energized the entire black market. Target's CEO eventually resigned, but the impact of the leak on users continues.
Ordinary enterprises are not the only ones helpless in the face of information security problems; even the "black market" has staged its own drama of thieves robbing thieves. Italy's Hacking Team, although self-proclaimed hacking experts, was itself caught off guard when peers broke into its database, leaking a large amount of arms data. People hardly dare to contemplate the real-world, war-like catastrophe that an information security failure of this kind could cause.
There are more and more enterprise security incidents, and ever less effective control over them ...
Here are a couple of scary numbers:
15,000,000,000 (no miscounted zeros: 15 billion): the total number of information security events IBM needs to process for its customers every day. (From the IBM 2014 Annual Report)
$3,790,000: the average corporate loss caused by a data breach this year, compared with 3,250,000 last year. (From a survey conducted by IBM and the Ponemon Institute in May 2015)
25%: the increase in 2014 in the total number of corporate breach records compared with 2013; 800 million records were leaked in 2013. (From the IBM X-Force second quarterly report)
Each year, the IBM X-Force reports summarize the latest security trends and threat information. In the first two quarters of 2015, the information security problems enterprises faced were either external or internal. The sources differ and they manifest differently, but both can be deadly to the enterprise.
External: crisis-ridden:
According to IBM X-Force's first-quarter report, companies are in dire straits, and most security incidents in 2014 revolved around three areas: privacy in the digital world, underlying vulnerabilities, and a lack of security fundamentals.
Privacy in the digital world: Businesses trust communications and data storage providers to some extent, believing they have taken adequate security measures to protect privacy. But the security incidents of 2014 confirm that even where the main entry points are properly protected, external attackers still look for other ways in. For example, users' sensitive photos stored in the cloud were exposed. Unsuspecting users tend to choose simple login passwords made of strongly associated characters, and hackers lurking in the dark who understand this can easily steal the photos by brute force and publish them to show off their achievements.
Underlying vulnerabilities: There are more than 1 billion websites on the internet, and the number grows daily. But most websites rely on the same operating systems, open source libraries, and content management system (CMS) software, which exposes businesses to attack: once a security vulnerability is disclosed, it affects not one system but tens of thousands, and a large number of sites can be exploited. For almost all websites, external attackers can exploit underlying vulnerabilities, distribute malware or bots, and infect enterprise servers on a large scale.
Lack of security fundamentals: Passwords are the secret words that grant access to information, and they are also vulnerable to attack. So far, passwords have been a major contributor to corporate data breaches. Whether a password is weak and predictable or reused across multiple sites, it gives external attackers an advantage. Some enterprises also still use default passwords: last year, a large number of retail data leaks occurred because attackers remotely accessed point-of-sale (POS) machines and easily intercepted information. As you can see, basic security measures such as changing default account passwords are still not fully implemented.
Internal: impossible to guard against:
Whether unintentional or deliberate, internal threats can wreak havoc on a business's most valuable assets.
In recent years, junk e-mail has become a delivery channel for destructive malicious software, and attackers have begun using malware to try to break into machines. Employees with weak risk awareness may inadvertently send on the malicious links in phishing emails, and so indirectly help the attackers.
For most businesses, "insider threat" once meant disgruntled or careless employees damaging the company's physical or electronic assets. As corporate espionage has escalated over the past decade, a wider variety of situations must be taken into account to protect assets. For example, an emotionally volatile employee may cause a serious data leak after leaving the company: a "backdoor" may have been built before the employee left, and once at a new company he may use the backdoor to access hidden accounts or sensitive data from outside.
There are also "quasi-insiders", such as trusted third-party contractors, who are among the most likely culprits in security incidents. These personnel are not permanent staff: electricians, construction workers, telephone maintenance personnel and so on. The Target data breach resulted from misuse of such third-party access, which often lets attackers steal credentials and gain access to the network.
Whether measured by the rapid growth in the frequency and number of incidents or by the internal and external threats, information security is now the most serious epidemic enterprises face, spreading among them quietly, rapidly and lethally, like SARS in 2003. So, what is the specific remedy for this outbreak?
Identify the core assets of the enterprise and strengthen protection + enhance the enterprise's overall security architecture capability
How core assets are determined differs by industry and by the characteristics of the enterprise. For improving security architecture capability, the following suggestions may help. The IBM X-Force research and development team recently released a review of security events from 2012 to 2014, noting that attackers' tactics and targets have shifted from early financial fraud to advanced persistent threats (APT) within industries. Traditional security architecture can therefore no longer effectively defend against and block security threats. Enterprises are advised to build a security information and event management (SIEM) platform along five dimensions, namely security governance (Intelligence & GRC), lifecycle management (Identity Lifecycle), data, application and infrastructure, to effectively detect and block security threats:
Security governance: Implement risk management, vulnerability management, configuration management, event management, and visual management through the integrated Threat Analysis Service (XFTAS) and other functions, effectively blocking large-scale decentralized APT attacks;
Privilege Lifecycle Management: Regularly update passwords for critical databases and other systems through identity access management, and automatically adjust account permissions based on employees;
Data management: Guardium database security and auditing tools, combined with IBM QRadar, detect and analyze current activity for any security threats;
Application vulnerability detection: IBM AppScan checks the security of application source code and application frameworks, and provides vulnerability scanning, vulnerability assessment and security recommendations for web applications;
Infrastructure protection: Secure database data through IBM Security Guardium, and secure network devices and endpoint devices through IBM network and endpoint protection.
15 billion attacks per day: this is a scary enterprise security story!