Security musts for 2013

❖ Educate employees: employees leave the door open to attacks when they pick weak passwords, click on phishing links, and share company information on public platforms.❖ Identify users: a significant number of breaches occur as a result of an attacker obtaining access to a user’s account.❖ Register assets: maintain a complete inventory of valid devices, control environments to avoid unknown devices gaining access, and regularly assess patch levels and vulnerabilities.❖ Protect data: implement data lifecycle methodology to govern data from creation to destruction.❖ Unify activity logs: security information and event management (SIEM) technology can consolidate processing of logs for both physical and information security.❖ Visualise events: use the right data sources, SIEM analytics, and data modelling to identify threats ‘innately’ and respond quickly.

> 75.2% of a typical organisation’s inbound e-mail is spam.> About 10% of spam e-mails are malicious.