Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
What Are You Doing During The Golden Hour After An Attack?
Newest First  |  Oldest First  |  Threaded View
TorryCampbell
50%
50%
TorryCampbell,
User Rank: Apprentice
6/8/2015 | 5:14:20 PM
Re: #Attacks vs Size

The proportion of targeted attacks was about the same independent of employee count. However, the average of 78 security investigations (found in the full report) varied a bit more based on employee count.

LoadingDose
50%
50%
LoadingDose,
User Rank: Apprentice
6/8/2015 | 10:40:36 AM
#Attacks vs Size
I would be interested to know how well (or not) the number of attacks correlates with the number of employees in your sample.  Is there a systematic relationship?  Correlation is not causation, but graphs of attacks vs size (revenue, #employees, etc) would be interesting nevertheless.  I did not see this info during a quick scan of the report.  Could you show us these?

 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
5/31/2015 | 11:26:59 PM
Discovery
> When fighting a targeted attack, security professionals surveyed reported that, on average, it took six days to move from discovery to remediation.

Keyword: Discovery

More the point, last I heard it takes enterprises an average of six months to discover an attack.

Agility is key.


How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3318
PUBLISHED: 2021-01-27
attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editorid parameter.
CVE-2020-5427
PUBLISHED: 2021-01-27
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
CVE-2020-5428
PUBLISHED: 2021-01-27
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVE-2021-20357
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.
CVE-2020-4865
PUBLISHED: 2021-01-27
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.