Botnet Activity Correlates to a Higher Risk of a Significant Breach
While some things may seem like they are stating the obvious, it is not until you put some hard numbers behind it that it becomes more than an assumption. Such is the case with botnet activity on internal networks it seems.
A new study that sought to examine the link between botnets and security events revealed that significant botnet activity on an enterprise network correlated to that organization being twice as likely to suffer a major data breach.
The researchers looked at data from publicly disclosed breaches in a range of industry sectors from March 2014 through March 2015, as these have the greatest impact to organizations in terms of personally identifiable information (PII) loss, subsequent customer notification, forensic investigation and reputation damage.
The team examined the ratings and risk vectors of 6,273 companies with 1,000 or more employees, of which 199 (3.3 percent) had experienced at least one recent and significant publicly disclosed breach.
Ratings were generated for each company that were comprised of an array of risk vectors which include any security events observed, like compromises of a company’s network, and diligence risk vectors, the steps a company has taken to prevent attacks.