A long, colourful report called 2014 Trustwave Global Security Report has been released. It presents "key insights and recommendations based on our analysis of 691 data breach investigations conducted in 2013 and threat intelligence from our global security operations centers, telemetry from security technologies and research".
A few insights:
- To steal data, attackers must first gain access to the target system. They may slip in through numerous means: weak login credentials, poor authentication controls, SQL injection, remote file inclusion, etc.
- 85 percent of the exploits detected were of third party plug-ins, including Java, Adobe Flash and Adobe Acrobat/Reader
- 71 percent of compromise victims did not detect the breach themselves
- The median number of days from initial intrusion to detection was 87
- Annihilate weak passwords by implementing and enforcing strong authentication policies and practices
- Use penetration testing to evaluate how resilient your systems are to compromise
- Develop, institute and rehearse an incident response plan, and identify which events or indicators of compromise should trigger the plan