Servers: The Right Compute
cancel
Showing results for 
Search instead for 
Did you mean: 

Top 8 Cyber Security Attack Types and How to Avoid Them

Bob_Moore

HPE Secure Compute: Find out how security information management, governance, application security and event management help you avoid the top eight cyber security attack types—while reducing the cost of cybercrime.

Blog_CyberAttack_6_6.jpgCyber security attacks are continuing to grow in both volume and sophistication. Cybercriminals now take computer systems hostage at hospitals across the U.S., and they target banks around the world—even stealing $12.7 million in a massive ATM heist in Japan.

All businesses—including yours—are susceptible to a wide range of attacks, and no industry is going unscathed. In a recent survey, businesses reported 64 percent more security incidents in 2015 compared to 2014, and as mobile devices proliferate and businesses plug in more and more machines into the Internet of Things, the number and the severity of attacks will only get worse.

A staggering percentage of organizations experienced the top eight cyberattack types in 2016:

  • Malware–98%
  • Phishing/Social Engineering–70%
  • Web-based attacks–63%
  • Malicious Code–61%
  • Botnets–55%
  • Stolen Devices–50%
  • Denial of Service–49%
  • Malicious Insiders–41%

Although malicious insider attacks is last on the list, it’s interesting to note that these breaches were costliest in terms of the damage done and the efforts to recover. Denial of service attacks were the next costliest.

Preventing cyber security attacks: the 4 key security capabilities

The key to avoiding cyberattacks is to develop a high security profile, which also decreases the cost of cybercrime. Among the organizations surveyed in the recent Ponemon study, those with strong profiles experienced an average of $7.9 million in cybercrime costs, while organizations with an insufficient profile experienced an average cost of $11.1 million.

To enable your organization to develop a high security profile with advanced network infrastructure security capabilities, we recommend focusing on 4 key areas:

  • Information Management includes integrating IT security operations with risk management as well as integrating physical and logical security. Your organization should also devise advanced procedures for backup and recovery operations.
  • Governance comprises a formal information governance program and on-going auditing protocols for security policies and compliance procedures. It’s also important to develop a strategy for complying with existing government and industry regulations as well as new and changing regulations.
  • Application Security should be supported by security testing throughout the software development lifecycle. This includes penetration testing, run-time application self-protection, code review/debugging, data masking/redaction, educating developers on safe coding, static and dynamic scanning, and patch management.
  • Security Information and Event Management (SIEM) should be tailored to your environment and IT configurations while also incorporating threat intelligence from the community of security practitioners. By tightly coupling SIEM with advanced user-behavior analytics and event correlation, you can detect both known and unknown threats in real-time.

Building out your network security infrastructure

To help your organization avoid the top eight security attack types, 10 HPE Security Ops Centers across the globe monitor 23 billion security events monthly and are #1 in identifying vulnerabilities and threats. We also offer IT infrastructure security control technologies for systems deployed on-premises.

Our HPE Secure Compute security infrastructure solutions are built on open standards and feature server firmware that cannot be comprised. That’s because we maintain intensive supply chain security for all solution components, in addition to offering the Application Specific Integrated Circuit (ASIC) that contains the firmware running the servers.

HPE Secure Compute also provides additional infrastructure security and network security measures including network monitoring, security analysis, next-gen firewalls, and end-to-end data integrity. Your business benefits from the ability to recover data at all-flash array speed.

To find out more about avoiding cyberattacks, I invite you to follow us on Twitter at @HPE_Servers where you can learn how a high security profile that combines best practices with leading IT security solutions will support your business innovation and dramatically reduce the cost of cybercrime.

Learn more about HPE security innovations.

  • Trending Now
0 Kudos
About the Author

Bob_Moore

Bob leads the partner software organization for the server division. His team is also responsible for productizing the new HPE security technologies and delivering a comprehensive approach to security across all solutions.

Events
See posts for dates
ONline
Connect Worldwide Events - 2017
Connect Worldwide is Hewlett Packard Enterprise’s largest independent technology user community, and has more than 70,000 global members. Visit this p...
Read more
Each Month in 2017
Online
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all