Businesses concerned about ongoing vulnerability management may be interested in a new study from Verizon, which has sought to identify which data breach threats organisations are most likely to face in the new year.
According to the latest Verizon Data Breach Investigations Report, the most common risk factor of 2013 regarding digital security will be attacks and failures related to authentication, such as employee usernames and passwords being stolen or lost and utilised for malicious purposes.
Principal author of the report, Wade Baker, believes that around 90 per cent of unauthorised data breaches which occur in 2013 will involve compromised identities or authentication systems in some way.
"Enterprises need to make sure they have a sound process for creating, managing and monitoring user accounts and credentials for all of their systems, devices and networks," warned Mr Baker in a statement issued December 19.
The second most common cause of a data breach in 2013, according to Verizon, will be through web application exploits. The telecommunications company believes that these are more likely to affect larger organisations than SMEs, and that government agencies are particularly at risk.
"Given these odds, organisations that choose to take their chances and ignore secure application development and assessment practices in 2013 are asking for trouble," said Mr Baker.
Any business which is concerned it may be at risk of a data breach should take the time now to schedule a thorough security audit report, which can identify any potential vulnerabilities which may be present in existing security protocols.
Third party assessments such as a security audit evaluations or penetration testing are an excellent way of protecting your organisation against current and future cyber security threats, and mitigating the risk of cybercrime moving into the new year.
Another risk factor highlighted by Mr Baker and Verizon is that presented by hacktivists – computer hackers who attempt to access a secure server for political or social motivations.
Mr Baker noted that these targeted attacks, which have been a prominent cyber security concern of 2012, will continue, and suggested that businesses and government agencies alike be watchful on this front.
Finally, another prominent digital security threat which Mr Baker forecast for 2013 was that presented by social engineering.
Social engineering involves targeting people through psychological manipulation in order to manipulate them into giving away personal or confidential information that could be used to commit a data breach.
With the rise of social media, social engineering is now a bigger threat to cyber security than ever before, and Mr Baker has warned that organisations need to be vigilant in order to ensure their employees are informed as to how to ensure information confidentiality at all times.
"It's impossible to eliminate all human error or weaknesses from an organization, but vigilance and education across the employee population help to control and contain such schemes," said Mr Baker.