Police: Pen tests could thwart 90 percent of breaches

Powered by SC Magazine
 

But more resources needed.

Some 90 percent of data breaches investigated by the NSW Police's fraud squad could have been avoided if organisations conducted penetration tests, according to a senior official at the cybercrime fighting unit.

Detective superintendent Bruce van der Graaf said the tests would detect holes in IT systems that were responsible for almost all theft of corporate databases.

"I don't know why more people don't do it," he said. "It could be too expensive, but consider the the pain of recovery after your business is breached."

Penetration tests help organisations identify holes in information security systems that could allow data to be stolen and then sold on web forums.

Bruce van der Graff will give a detailed account on efforts to curb online fraud at SC Magazine's 'Security on the Move' conference in Sydney next month. Click here to register.

Van der Graaf said penetration testing was just one of many areas in IT security that needed some attention to drive down the frequency of online fraud.

More police and resources were also needed, he said.

Database theft is on the increase, van der Graaf noted. He said he has seen a big shift in electronic crime who since joining the fraud unit in 1988.

"This year has been a challenge, a big learning curve," van der Graaf said. "We are [starting to] appreciate the scale and sophistication of the crimes."

He said fraud was more public back in the '80s and early '90s, and has since become more hidden and dangerous.

Copyright © SC Magazine, Australia


Police: Pen tests could thwart 90 percent of breaches
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 339

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote