The NTT Innovation Institute has released the new Global Threat Intelligence Report (GTIR), a document structured to raise awareness of the rapidly evolving global threat landscape.
The GTIR was based on threat intelligence and attack data from the NTT Group companies which include Solutionary, NTT Com Security, Dimension Data, NTT Data and support from NTT R&D. The security experts have analyzed approximately three billion worldwide attacks occurred in 2013, the Finance and Technology industries are that most targeted by attackers which used mainly botnet for their offensives. The majority of the vulnerabilities listed in the report are related to patch management, firewall and application settings.
The data fueled the report was collected from 16 Security Operations Centers (SOC) and 7 R&D centers.
The NTT researchers identified five critical areas of security:
The report correctly highlight the necessity to find solutions that represent the best balancing between cost and risks, the document is based on real-world case studies and it tries to figure out recommendations and strategies to mitigate the threats and reducing the impact on the company operation.
The impact of cyber threats is even more dangerous and is not depending strictly on the dimension of the organizations (e.g. SMBs, enterprises) neither from the physical location of victims.
“The rise of borderless capabilities overwhelms and breaks the implementation of traditional security controls. Managing the perimeter is the new paradigm. While the traditional perimeter was between “us” and “them” it has changed to include our partner or team for today which will be different than the one for tomorrow.” states the Global Threat Intelligence Report (GTIR).
It’s crucial to consider each enterprise like live entities that grow and interact with actors, like customers and contractors, its employees are around the world demanding resources and exchanging information. The data is the real value of the companies and the security model must be focused on the protection of functionality and data and assets. Security must be ensured into applications by design, simple and inflated concept that is often ignored by IT community.
“It’s not just how well the application is secured; but how well it is developed, architected, configured and maintained over time which matters.”
Key findings in the 2014 GTIR include:
The recommendations provided in the GTIR report are:
I suggest you to carefully read the report that is full of interesting data.
(Security Affairs – Global Threat Intelligence Report (GTIR), security)