The bottom line: Third-party CMS plug-ins need careful patching.
Data breaches 2016 - mobile malware hype
A week doesn't go past without at least one security vendor talking up the menace of unsecured mobile devices. While that's true for the device itself, as in last year's report, Verizon still sees negligible risk that these platforms are a primary Launchpad for successful data breaches.
"For those looking for proclamations about this being the year that mobile attacks bring us to our knees or that the Internet of Things (IoT) is coming to kill us all, you will be disappointed. We still do not have significant real-world data on these technologies as the vector of attack on organizations," the authors say.
"If you feel we are in error, put down the torches and pitchforks and share any breach data that you have. We are always looking for avenues to shine lights into areas in which we may not have sufficient illumination. Also, their absence is not a suggestion to ignore these areas in your risk management decision-making."
When mobile devices start turning up in breaches, it will most likely be connected to IoT, the authors believe.
Bottom line: there are far easier ways into networks and databases
Sign up for Computerworld eNewsletters.