More data was stolen from corporate networks last year by hactivists than by cyber criminals, according to a new report from Verizon.
The Verizon 2012 Data Breach Investigations Report includes analysis from 855 cyber security breaches worldwide that involved 174 million compromised records. More than half -- 58 percent -- of all data that was compromised last year was the result of politically motivated attacks rather than those motivated by financial gain.
Verizon said most data breaches could be avoided if network managers followed best practices in information security.
Here are seven tips that Verizon says will help CIOs avoid hactivist-style attacks as well as thwart cyber criminals:
1. Protect your servers.
Verizon found that 94 percent of all data compromised last year involved servers, rather than end devices such as laptops or smartphones. So while CIOs are worrying about mobile device management and employee "Bring Your Own Device'' policies, they ought to be paying more attention to the physical and cyber security of servers that contain personally identifiable information or intellectual property.
2. Get rid of unnecessary data.
Corporations tend to collect too much sensitive data in the first place, and then they fail to delete it when they no longer need it. All organizations need to have strict policies for retaining as little data as necessary to meet regulatory requirements. They need to know what data must be retained and where it is located so they can keep it secure.
3. Look at your logs.
Many corporations have security software that is network access and other logs, but they don't have automated tools for analyzing the logs and finding vulnerabilities or breaches. CIOs need to dedicate IT staff to monitor and mine event logs for evidence of network or server break-ins. Unusual network activity can be a sign of malware that collects, monitors and logs the actions of users as a way of gathering user names and passwords. Log monitoring also can identify a common attack known as SQL injection.
4. Use two-factor authentication.
Having a two-factor authentication system for access control - such as passwords and an access card - reduces the risk of hackers breaking into servers with stolen user names and passwords. It's also important to have strict password policies such as complex passwords, regularly changing passwords and limiting failed login attempts. Another suggestion is to use IP blacklisting to restrict access to servers.