This means that sectors or organizations that seem to be of no interest to attackers can still be interesting as a stepping stone to another primary target. For these "derived" targets, actors actively look for weak links in chains, as a stepping stone to (more) interesting targets. This concerns, for example, suppliers of hardware and software, vital processes, such as those of telecom companies, or organizations that collect and process personal data on a large scale, including medical and employee data. The digital space, the mostly global supplier chains and concentrations of personal data are ideally suited for this. In addition to the "primary" targets mentioned, attackers also target targets that can form a springboard to other targets. Wealthy organizations are a favorite target of cyber criminals. Vital processes are a popular target for sabotage by state actors. ![]() For example, top sectors in the Netherlands are an obvious target for economic espionage and the national government for political espionage. It can vary by country and by type of espionage at which state actors focus their political espionage activities. The annual report (= het jaarbeeld) shows that many types of organizations are targeted by attackers. 16% indicate that his / her employer has made business equipment available. Employees are often unable to state what their employer has done about special measures to make working from home possible since the corona crisis (57%). This password still appears to be the default password of the router relatively often (29%). They often use a network connection with a password at home (78%). 48% of working Dutch people indicate that they have worked from home in the past 12 months. The corona crisis has forced more people to work from home. Most Dutch people also do not have a clear picture of what safe online behavior means at work (57%) or in a private situation (52%). However, with a lot of people working from home due to the pandemic, the home network and home situation could well become the Achilles heel of the corporate network router passwords are not changed and children use company hardware. Companies do a lot to have online security in order. The occurrence of online risks is more closely monitored and observed in the work situation than in the private situation. When looking at what kinds of risks or challenges are seen, this ranges from general cybersecurity threats, such as data leaks, hacked data, or a vulnerability that is used as a stepping stone, to specific risks. On the other hand, in general, these larger suppliers are reliable in cloud services and this is also the reason that many organizations use them. This results in a shared dependency, which means that a disruption of this service can manifest itself all the more extensively. ![]() Moreover, there is a limited number of large suppliers of cloud services, as a result of which different organizations (will) purchase the same service from the same party. The customer of the cloud service has no insight into which suppliers contribute to product development within the cloud environment, which is precisely the strength, the knowledge lies with the supplier and the customer does not have to worry about this, but one needs more insight here. ![]() The trend of migration from IT infrastructures to cloud services will play an important role in the SCRM issue. If you have an addition, question or remark, drop us a line at the risks arising from the purchase of cloud services has emerged as a challenge. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. Multiple Trend Snippets combined can provide insights into safety and security trends. This results in a wide array of observations, which we call ‘Trend Snippets’. In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The safety and security domain encompasses a vast number of subjects. The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |