http://www.websitemagazine.com/content/blogs/posts/archive/tags/web+security/default.aspxTags: web securityenCommunityServer 2008 SP2 (Build: 31104.93)http://www.websitemagazine.com/content/blogs/posts/archive/2013/02/18/retail-cyber-attacks-increasing.aspxMon, 18 Feb 2013 17:15:00 GMT1e469e21-c924-44fa-a132-47b5d0a8ad47:23342Pete Prestipino0http://www.websitemagazine.com/content/blogs/posts/rsscomments.aspx?PostID=23342http://www.websitemagazine.com/content/blogs/posts/archive/2013/02/18/retail-cyber-attacks-increasing.aspx#comments<p><strong>Both the number and severity of cyber attacks on retailers is accelerating according to TrustWave&#39;s 2013 Global Security Report. <br /></strong><br /> The report indicates that those in the retail sector are now the top target for cyber criminals, making up 45 percent of TrustWave&rsquo;s data breach investigations &ndash; a 15 percent increase over 2011. </p> <p><i>Some of the other noteworthy highlights from the report include:</i></p> <ul> <li>Applications are the most popular attack vector, with e-commerce sites the number one target</li> <li>64 percent of organizations attacked took more than 90 days to detect an intrusion with the average time for detection being 210 days -- 35 days longer than in 2011</li> <li>The two most noteworthy methods of intrusion, SQL injection and remote access, made up 73 percent of the infiltration methods used by criminals in 2012.</li> </ul> <p>&quot;Cyber-criminals will never stop trying to compromise systems to obtain valuable information such as customer and private user data, corporate trade secrets and payment card information,&quot; said Robert J. McCullen, Chairman, Chief Executive Officer and President of Trustwave. </p> <p>&quot;This year&#39;s Global Security Report pulls back the curtain revealing how breaches happen and how potential victims around the world can protect themselves so that they stay one step ahead and eliminate potential security threats. After reading this report, businesses and government agencies will be one step closer to building a comprehensive security strategy to reduce risk, protect data and safeguard their reputation.&quot;&nbsp;</p> <p>Trustwave&rsquo;s 2013 report examined 450 data breaches, 2,500 penetration tests, 9 million Web application attacks, 2 million network and vulnerability scans, 5 million malicious websites and 20 billion emails.</p> <div style="clear:both;"></div><img src="http://www.websitemagazine.com/content/aggbug.aspx?PostID=23342" width="1" height="1">web securitywm-hostingdata breachesvulnerability scansRobert J. McCullencyber criminalsTrustWavehttp://www.websitemagazine.com/content/blogs/posts/archive/2012/04/04/cyber-attacks-a-top-concern-of-most-business-owners.aspxWed, 04 Apr 2012 18:00:00 GMT1e469e21-c924-44fa-a132-47b5d0a8ad47:19471Linc Wonham0http://www.websitemagazine.com/content/blogs/posts/rsscomments.aspx?PostID=19471http://www.websitemagazine.com/content/blogs/posts/archive/2012/04/04/cyber-attacks-a-top-concern-of-most-business-owners.aspx#comments<hr /> <p><img src="http://www.websitemagazine.com/images/blog/greensql-mini.gif" style="float:left;margin:10px;" height="73" width="73" alt="" /><b>Database security solutions provider GreenSQL recently surveyed more than 6,000 small and medium-sized business IT professionals, database administrators and data security consultants about their most critical security concerns, and the results show that fears are as widespread among SMBs as they are in the enterprise class.</b></p> <p><i>The respondents&rsquo; primary concerns were as follows:</i></p> <p><b>51 percent:</b> SQL injection attacks from internal and external users</p> <p><b>31 percent:</b> Internal threats, including unauthorized database access, database administrator errors and data exposure to non-privileged internal users</p> <p><b>18 percent:</b> Regulatory compliance</p> <p>&ldquo;In today&rsquo;s environment, it isn&rsquo;t a matter of whether you will be hacked, but when,&rdquo; says GreenSQL CEO, Amir Sadeh. &ldquo;Cybercriminals recognize that not only enterprises but also SMBs are especially vulnerable. Databases contain the crown jewels of an organization, which means a break-in by insiders or outsiders can cost millions in fines, lawsuits and customer attrition.&rdquo;</p> <p>Cybercriminals use SQL injection to target both external websites and internal databases when seeking data for identity theft and other profitable black market activities. Public websites serving as the face of an organization are known to be vulnerable to SQL injection attacks but so are internal collaborative sites as shown by the recent assault on the internal Nokia developer application.</p> <p>Internal data security leaks, a concern of 31 percent of GreenSQL users surveyed, let corporate data get into the wrong hands. While developers, administrators and customer service representatives all need data access, they should have different access privileges.</p> <p>In addition, true data protection covers threats from both employee theft and error. Coordinating database access control and command permissions can significantly reduce data loss from errors while lowering the cost to repair any that remain.</p> <p>Compliance ranks third in the survey as a top security concern. Lack of compliance with Sarbanes Oxley, PCI DSS, HIPPA, or other regulations can result in significant legal fees, negatively impinge on a company&rsquo;s ability to do business and reduce client and customer trust.</p> <p>Used by more than 100,000 SMBs in over 190 countries, GreenSQL offers four different database security technology packages.</p> <div style="clear:both;"></div><img src="http://www.websitemagazine.com/content/aggbug.aspx?PostID=19471" width="1" height="1">sql injectionweb securitydatabase securitygreensql