Data Breach Threat Analysis

Bill Dean #581 and Pete Dedes #562

Data Breach Threat is also known as Advanced Persistent Threat or Advanced Evasion Techniques.

Today’s cyber attacks are more stealthy and malicious than ever before and are programmed to remain unnoticed for as long as possible until an opportune time in the future to inflict damage. Although signs of the intrusion likely exist, many of today’s sophisticated data breaches are unnoticed for months.

In addition, data breaches can mean the loss of reputation and revenue and result in legal expenses.

In a recent data breach report involving the U.S Secret Service, 61 percent of companies that experienced a data breach were notified by a third party that it had occurred. In addition, 86 percent of data breach victims had evidence of the breach on their network before it was detected by them or a third party.

Sword & Shield analysts have discovered that many computer security breaches occur today because of the time lag between discovery of a vulnerability and installation of security patches. Simply stated: traditional anti-virus vendors continue to lag behind online criminals when it comes to detecting and protecting against new and quickly evolving Internet threats. Add this time lag to the patching schedules of diligent IT administrators, you have approximately a three month vulnerability window through which malware can be injected into the network. However, the vulnerability window is extended many more months and sometimes years when systems remain unpatched. The data extracted from conducting hundreds of network vulnerability assessments on networks shows that the number one vulnerability found is unpatched systems

To respond to this growing threat Sword & Shield adds Data Breach Threat Analysis to our traditional Network Vulnerability Assessment and Penetration Testing (NVA/PT) to assess the 86 percent of data breach victims who do not know they have been breached. This addition proactively identifies the types of attacks that companies are experiencing, the origin of the attacks, and determines if there is evidence of an existing threat in the form of malware and viruses.

By leveraging our extensive Incident Response experience and methodology the Data Breach Threat Analysis methodology takes a “snapshot in time” to:

• Profile real time attacks being perpetrated against the network
• Determine the origin (IP address and country of origin) of the attacks
• Determine the likely intent of the attacker
• Detect malware and viruses that may have already been introduced and remains undetected.
• Determine whether a system breach has occurred through a known vulnerability or an unknown vulnerability (0-day). The data sources captured in the snapshot will contain forensic evidence of the existence of the vulnerability and or attack.

The following video explains how Sword & Shield can respond to this growing threat:

Find Out More

Sword & Shield has been outsmarting cyber-criminals and improving security for enterprises around the world since 1997. Fill out our Consultation Request form or contact us by phone so we can begin securing your future.

U.S. Toll-free: 800-810-1885

International: 865-244-3500

Request a Consultation

Name *
Company
Email *
Phone *
State	Select a StateAlabamaAlaskaArizonaArkansasCaliforniaColoradoConnecticutDelawareDistrict of ColumbiaFloridaGeorgiaHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMaineMarylandMassachusettsMichiganMinnesotaMississippiMissouriMontanaNebraskaNevadaNew HampshireNew JerseyNew MexicoNew YorkNorth CarolinaNorth DakotaOhioOklahomaOregonPennsylvaniaRhode IslandSouth CarolinaSouth DakotaTennesseeTexasUtahVermontVirginiaWashingtonWest VirginiaWisconsinWyoming
How can we help you today?
Spam Protection	Type this:
Sales answers requests within 1 business day and usually within a few hours.