Hi there, I have a few questions. I am doing a research project and I was hoping to get some more recent information about cybercrime. The information on google.com and bing.com about cybercrime is either 2 years old, or irrelevant to what I am seeking. The questions I have are as follows: What is the major threat? How can someone prevent these attacks? The reason I ask is because there are many ideas on how to defend yourself online. Some say use VPN, others say use Tor, or proxies. How are people supposed to understand what this means when the information we are given is not in detail? The information that I have heard in detail cost me 20 dollars. Even there some information and ways to prevent aren't allowed. Is cyber security something the government wants to control? I would like to continue on, but I will leave this here and wait for some opinions from you. Thank you.
See if you can get your hands on the Verizon Breach Report (DBIR) for the current year. Usually a lot of good details in there.
I would also recommend checking out https://www.owasp.org -- while there review the OWASP top 10. There is a plethora of free information on this site that details both the common vulnerabilities as well as means to defend against them. Albeit, many defenses are from a developer perspective.
Succinctly, ransomware, phishing, and business email compromise continue to be major problems for businesses. Defensively, you need to stick to the basics: patch management, vulnerability scanning, robust backups, etc.
Sources:
There are a number of good industry reports on cybercrime:
(ISC)2 sponsored Cybersecurity Trends - 2017 Spotlight Report
California Attorney General's Office California Data Breach Report 2016
PhishMe Enterprise Phishing Susceptibility and Resilience Report 2016
Verizon 2017 Data Breach Investigations Report
Defense:
Stick to the basics. CIS gives you good, high-level objectives. NIST gives you very in-depth options.
CIS Critical Security Controls
NIST Special Publications 800-xx Series
*800-53 has tons of controls, other 800-xx go in-depth on specific topics.
Hello,
What exactly are you trying to protect from the criminals? Are you thinking about home users, small business, large corporations, governments...? I'd suggest the response to your question will vary depending upon what the target is.