Page 8 - Mobile Data Loss
P. 8

2     Mobile Data Loss
          THE PROBLEM

                                                                       1
          More than 1 Billion data records were exposed in 2014 alone with
                                                      2
          legacy PCs and Servers as the main target. These records include
          social security numbers, home addresses, credit cards, health informa-
          tion, fingerprints, and much more. The exposure has been global,
          encompassing virtually every industry and governments across the
          globe. It’s quite a staggering statistic considering that we’ve had
          roughly 30 years to perfect and fortify these PC-era technologies, and
          it appears that we’re worse off than we’ve ever been.

             These legacy PC and Server-based operating systems rely on secu-
          rity products such as anti-virus to provide an overlay agent that
          encompasses a firewall, anti-malware, anti-virus, and intrusion preven-
          tion. Add in additional network layers that include a perimeter
          Firewall, Network Intrusion Prevention, Malware Protection Systems,
          Proxies, and more. Yet as evidenced by the mass breaches of 2014 and
          2015, we’re losing the battle. Malware continues to infest these sys-
          tems, and attackers are winning the battle.

             A few lessons can be learned from these breaches. The first is that
          the length of time to discover a breach ranges from weeks to months,
                                                                       3
          or even longer. Roughly 50% of breaches take months to detect. This
          would imply that there is a massive time window of compromise stem-
          ming from a huge lack of visibility and automated timely countermea-
          sures to these attacks to mitigate a breach.
             Secondly, less than 4% of the breaches from 2014 “involved data
                                                4
          that was encrypted in part or in full.” With the widespread avail-
          ability of encryption solutions, it’s clear that very few organizations
          have embraced encryption or deployed it to protect their most
          important data.






          1
           2014 Year of the Mega Breaches & Identity Theft, http://breachlevelindex.com/pdf/Breach-Level-
          Index-Annual-Report-2014.pdf
          2
           2014 Data Breach Investigations Report   Verizon, http://www.verizonenterprise.com/DBIR/
          2014/reports/rp_dbir-2014-executive-summary_en_xg.pdf
          3 2014 Data Breach Investigations Report   Verizon, http://www.verizonenterprise.com/DBIR/
          2014/reports/rp_dbir-2014-executive-summary_en_xg.pdf
          4 Breach Level Index Annual Report 2014, http://breachlevelindex.com/pdf/Breach-Level-Index-
          Annual-Report-2014.pdf
   3   4   5   6   7   8   9   10   11   12   13