Threats
Unauthorized access/disclosure/receipt of sensitive data
What is data theft?
Controlled identification and implementation of required changes
What is Change Management?
The primary method used for stealing privileged user credentials
What is phishing?
40% of all email attacks were this type of threat/attack
What is phishing?
Type of malware that holds systems or data hostage until a ransom is paid
What is ransomware?
A person with access to critical systems and can perform tasks not permitted for standard users
What is Privileged User?
These are the keys to the kingdom (in security)
What are credentials?
The average cost of this was $4.88 million; for healthcare the average cost was $10 million
What is a data breach?
Employees, contractors or business partners that use credentials for criminal behavior
What is malicious insider?
Identifying, acquiring, testing and installing updates to software, drivers and firmware
What is Patch Management?
This type of account should be logged out of when not in use
What is administrator?
What is ransomware?
Malware that applies logic and changes based on interactions with the targeted systems.
What is malicious AI?
Capturing, storing and analyzing user activity data to help maintain security and compliance
What is Audit, Logging and Monitoring?
This is the most effective tool in a malicious actor's arsenal
What is Patience?
This type of attack grew by 1,265%
What is phishing? (driven by growth of GenAI)
Overwhelming a critical network or system to the point of inoperability by flooding the target with traffic
The activities employed to identify, analyze and correct hazards
What is Incident Management?
This idea should be employed when granting access to users in order to minimize risk
What is minimum necessary or least privilege?
90% of all cyber incidents are the result of this