Cyber-criminals are increasingly sophisticated and targeted in their attacks. If you are in charge of ensuring the security of your company’s website, it has not been easy going as these notable security incidents reveal:
• Sabre Systems—The reservation software company had data from Hard Rock Hotels, Google, Loews, and others, stolen as a result of the breach1.
• CIA—WikiLeaks obtained and published documents detailing the intelligence agency’s hacking efforts1.
• Virgin America—Thousands of employees and contractors had their login information compromised1.
• Equifax—The credit rating agency had a breach into highly sensitive personal information of 143 million U.S. consumers1.
• Universities and Federal Agencies—More than 60 universities and US federal organizations were compromised with SQL injections1.
There are numerous lessons to be learned from these breaches. Despite the growing stream of news stories about highly damaging attacks that compromise customer information, leading to lost sales and a significant impact on the reputations of brands, it is surprising how many organizations do not have adequate security measures in place. These topics will be covered in this paper.