TECHNOLOGY
follow . The most common methods of attacking web apps are using stolen or brute-forced credentials ( over 80 %) or exploiting vulnerabilities ( less than 20 %) in the web application to gain access to sensitive information .
• Personal data was involved in 58 % of breaches , nearly twice the percentage in last year ’ s data . This includes email addresses , names , phone numbers , physical addresses and other types of data that one might find hiding in an email or stored in a misconfigured database .
• Top controls highlighted included Secure Configurations ( CSC 5 , CSC 11 ), Boundary Defense ( CSC 12 ) and Account Monitoring and Control ( CSC 16 ). Momentum is building globally .
Cybersecurity has grown into an £ 8.9 billion industry in the UK . Microsoft is rolling out industry-specific cloud offerings , including one for manufacturing to create more resilient supply chains .
A Microsoft blog on building resilience from cybersecurity risks advises security leaders to step back from the technical lens , learn what assets and data are important to business leaders , and prioritize how teams spend their time , attention , and budget through the lens of business importance . “ The technical lens will be re-applied as the security , and IT teams work through solutions , but looking at this only as a technology problem runs a high risk of solving the wrong problems ,” it states .
Becoming resilient by understanding cybersecurity risks : Part 3 — a security pro ’ s perspective - Microsoft Security
80 April 2021