Top Cyber Threats
The way software is used today has clearly shifted towards "as-a-service". Classic on-premises applications are migrating more and more into the (managed) cloud and users are using hybrid scenarios from local and cloud applications on their devices. This Leadership Brief discusses top cyber threats—and shows how to overcome or manage them.
1 Executive Summary
Every three years, the Open Web Application Security Project (OWASP) Foundation publishes its "OWASP Top 10" document, which is widely read across a broad industrial and scientific spectrum. In addition, it offers controls, cheat sheets and best practices for security testing, but is primarily focused on application security. This Leadership Brief goes a bit further and looks also at other attack vectors beyond OWASP.
A large number of Data Breaches have been featured in the press over the last twelve months. Either user data or important company data was stolen. This means that the biggest threat, apart from paralyzing a system, is the theft of information.
There are various methods that an attacker can use to access critical company information. From the manipulation of employees, the attack on company interfaces to classic malware, everything is possible - and used - to harm a company.
In OWASP's Top 10 list, Data Breaches - "A3:2017-Sensitive Data Exposure" are ranked as the third largest threat for a Web application.