In an analysis of Verizon's new Data Breach Digest 2017, Ashish Thapar, the company's Singapore-based managing principal for investigative response in APJ, highlights the need to improve the security of the IoT infrastructure and offers breach response insights based on case studies.
Improving the security of the IoT infrastructure is now a top concern because of the growing presence of IoT devices across all industries, Thapar says.
Sharing some predictions, Thapar says: "The emergence of this technology across sectors has been very bold and very loud as far as the visibility is concerned. IoT is therefore going to be most attacked, and also one of the most sought after skills on the practitioner side as well. Operational technology is the other sector where a lot of work remains to be done," he says
"Breaches are complicated affairs - human factors, exploited hardware, exploited configurations and malicious software being the four broad categories they can be put in," he points out.
The Data Breach Digest is separate from Verizon's Data Breach Investigations Report. It takes a closer, contextual look at trends by showcasing data breach investigation case studies from around the world, Thapar explains.
The report, available for free download, is designed to enable practitioners to learn from the breach experiences of other organizations, he says. The 2017 edition includes case studies from the point of view of such stakeholders as legal counsel and staff in the human resources and corporate communications departments.
In this interview (see audio link below photo), Thapar also discusses:
- The latest methods attackers are using, and their targets;
- Breach response lessons included in the Data Breach Digest;
- Trends in the cybersecurity landscape.
Thapar is the managing principal, risk services - APJ, at Verizon Enterprise Solutions. His experience includes designing, implementing and managing information security management systems for multiple organizations. Thapar has written several white papers and articles on information security topics. He also has been a featured speaker at several industry events.