SNIA-SDC23-Hibbard-Storage-Security-Update.pdf

《SNIA-SDC23-Hibbard-Storage-Security-Update.pdf》由会员分享，可在线阅读，更多相关《SNIA-SDC23-Hibbard-Storage-Security-Update.pdf（21页珍藏版）》请在三个皮匠报告上搜索。

1、1|2023 SNIA.All Rights Reserved.Virtual ConferenceSeptember 28-29,2021Storage Security Update for DevelopersEric Hibbard,CISSP,FIP,CISASamsung Semiconductor,Inc.Presented by2|2023 SNIA.All Rights Reserved.The Back StorySection Subtitle3|2023 SNIA.All Rights Reserved.Current Threat Landscape Social E

2、ngineering Advanced Persistent Threat(APT)Ransomware/Malware Unpatched/Updated Systems Security Misconfiguration Denial of Service Sensitive Data Exposure Injection Flaws Cryptojacking Cyber Physical Attacks Broken Authentication Broken Access Control Third Party(Supplier)Insider Theft Mobile Malwar

3、e Physical Loss of Devices Cross-site Scripting(XSS)Man-in-the-Middle Attacks IoT Weaponization4|2023 SNIA.All Rights Reserved.Common Threat Actors Cyber Terrorists Government-sponsored/State-sponsored Actors Organized Crime/Cybercriminals Hacktivists Insiders Script Kiddies Internal User ErrorsComm

4、on MotivationsPolitical,Economic,Technical,and Military AgendasProfit/Financial GainNotorietyRevengeMultiple/OverlappingSecurity is a People Problem!5|2023 SNIA.All Rights Reserved.Profile of 2023 BreachesNumber of data breaches in August 2023:73(publicly disclosed)Breached records in August 2023:79

5、,729,271Number of data breaches in 2023:767Number of breached records in 2023:692,097,913Biggest data breach of 2023 so far:Twitter(220 million breached records)Most breached sectors:Healthcare(229),education(126),public(106)Source:IT Governance Ltd6|2023 SNIA.All Rights Reserved.Recent Notable Brea

6、ches/Attacks MOVEit:June 2023 200 organizations;up to 1.75 million individuals T-Mobile:May 2023(and January 2023)over 37 million customers 100 million customers in 2021 breach;settled a class action lawsuit to the tune of$350 million in 2022 Yum Brands:January 2023 ransomware attack Unknown amount