Bob Flores, former CTO with the Central Intelligence Agency (CIA) in the US, and now managing partner for Cognito Corp, has shared some key insights around data security in Australian businesses.
Speaking as part of Connect Expo’s Next Big Thing Summit in Melbourne, Flores presented a number of facts and figures on the state of local and global enterprise security, pointing to key resources that demonstrate the extent of the world’s security problem and offering solutions for how to create a culture of secure cyber intelligence.
Here's a list of the crucial security data resources that he relies on.
1. The Verizon Data Breach Incident Report
In his presentation, Flores cited numerous statistics from the latest Verizon Data Breach Incident Report, which details the confirmed breaches in just a one-year period, as well as the exact type and frequency of those breaches.
A key focus from this report was the extent to which phishing emails can threaten a company’s security, with 23 per cent of all phishing emails globally being opened by staff. A further 11 per cent have clicked on the attachments in these emails.
“Once you click on that attachment, the malware is delivered. If I send a phishing email to 100 people, 11 of them will allow me to get into their network,” he said.
“Depending on how good my malware is, I can reside inside your network for years – kind of like a sleeper agent – before I rear my ugly head and start doing something – stealing data, whatever.”
To classify the level of security risk Australian businesses may face, Flores said he used the relatively new Shodan search engine to provide a “vulnerability snapshot” of Australia.
Shodan has been described as the Google for the Internet of Things, and was originally designed to provide technology companies with information about where and how their products were being used.
However, this search engine can also find routers with exposed backdoors, unsecured webcams, and industrial control systems still using default passwords. That information is valuable both to organisations looking to better lock down their environments or investigate potential partners, and to hackers looking for avenues to exploit.
The service is available publicly and free of charge, but enterprise clients can also buy raw, real-time access to all the data it collects.
“Shodan looks out at all of the IP addresses connected to other IP addresses, and you can further classify those like, say I want to look at what’s happening with just traffic cameras,” said Flores.
“Last week we took a snapshot of what’s going on in Australia – it showed a tremendous number of vulnerabilities.” A large and detailed list was presented to the audience identifying servers still utilising default passwords from the main factory.