image
Big businesses are constantly under attack, and that affects everything from customers and business partners to national security interests. When successful, the initial compromise is only a means to an end — the real goal is to mount follow-on attacks like spearphishing, extortion attempts and account takeover (ATO). And much to the chagrin of security experts, those attacks on household-name companies are growing. Last year saw more than 6,500 data breaches, exposing a staggering 5 billion compromised records, according to Risk Based Security. “Breaches against large enterprises are becoming more frequent. There are several reasons for this – notably, breaches are no longer standalone incidents, they are part of larger organized cybercrime networks,” said Arun Kothanath, chief security strategist at Clango, in an interview. The second reason, Kothanath said, was that the price of data is skyrocketing: Beyond data tied to financial institutions being an attractive target, so is data tied to healthcare, education, infrastructure, elections and national security. Even though we live in a “breach-of-the-week” era, where data-thieving and inadvertent information exposures have become an expected part of the landscape, large enterprises can’t afford to see data stewardship as anything other than a critical risk, experts warn. Scale and Complexity Alex Guirakhoo, strategy and research analyst at Digital Shadows, told Threatpost that contrary to conventional wisdom, large…

Source