1Trustwave Weighs In on Self-Detected, SSL/TLS Vulnerabilities
by Sean Michael Kerner
2Compromises Vary by Industry
How IT environments are compromised varies across the industry segments. In retail, 27 percent of compromises came from POS breaches, while in the food and beverage space, POS accounted for 95 percent of breaches.
3Weak Passwords Pose Major Risks
The contributing factors across different types of compromises also vary. Weak passwords contributed to 50 percent of POS breaches and 8 percent of e-commerce breaches.
4Third Parties Report Most Breaches
In 2014, organizations self-detected only 19 percent of breaches. In contrast, 58 percent were first detected by credit card brands, regulatory bodies or merchant banks.
5Self-Detected Intrusions Detected Faster
For breaches third parties found, it took an average of 108 days in 2014 before security intrusions were detected. Self-detected breaches were found significantly faster, in only 10 days on average in 2014.
6Most Frequently Detected Vulnerabilities Not New
One of the mostly frequently detected vulnerabilities Trustwave analyzed is CVE-2011-3389, an SSL vulnerability first reported back in 2011.
7Adobe Flash Is the Top Exploited Application
Adobe Flash tops Trustwave’s list as the most exploited application Trustwave observed in 2014.
8Spam Volume Continues to Decline
Trustwave’s analysis shows a continued decline in spam volumes since the 2008 high of 92.6 percent, down to 59.7 percent in 2014.
9Health Care: The Leading Spam Category
Health care-related spam is the leading category of spam, at 72.4 percent in 2014, up from 55.4 percent in 2013.