Best of Breaches 2012 – Did you make the list?


This is the time of year you see the ‘best of’ lists popping
up everywhere. Lists of top breaches are no exception. Two excellent sources that
review and offer some insight into their listed breaches include Tom’s IT Pro
and Network World. Both lists include breaches that achieved fame for the
extent of the damage or publicity.

One of the more significant breaches was the Nortel breach
that remained undetected for 10 years. The hackers secured passwords for seven
Nortel executives. This allowed the hackers access to view and steal “technical
papers, R&D data, emails, plans and other sensitive corporate intellectual
property and trade secrets.” Although the full extent of the damage has not been
disclosed, or possibly even understood by Nortel, the breach raises several
questions about the security measures used. Were there no noticeable changes in
network behaviour?
Did the executives not change their password on a regular
basis in 10 years?

While reading these lists I’m left wondering how many more
breaches occurred but didn’t make the list because they were never disclosed to
the public. For example, Bloomberg published a list of breaches that weren’t previously
made public, such as those at Coca-Cola and the British energy group BG Group Plc.

How do you keep yourself off the list of 2013 breaches?

In part two of this blog we’ll follow up with a look at what
we can learn from these experiences, with a compilation of tips to add to your security
checklist.
