Академический Документы
Профессиональный Документы
Культура Документы
CYBERATTACKS
BY ROB RUDLOFF
CRIME WARE
EVERYTHING ELSE
MISCELLANEOUS ERROR
POS INTRUSION
CYBER ESPIONAGE
INSIDER MISUSE
EXHIBIT 1:
POS
INTRUSION
7%
CYBER
ESPIONAGE
7%
33%
13%
INSIDER
MISUSE
13%
13% 14%
THEFT/
LOSS
CRIMEWARE
EVERYTHING
ELSE
EXHIBIT 2:
THEFT/LOSS
CYBERATTACKS
EXHIBIT 3:
EXHIBIT 4:
Understanding how
INFORMATION MOVES
into, through, and out
of your business is
ESSENTIAL
to assessing security
VULNERABILITIES.
CYBERATTACKS
EXHIBIT 5:
PATCH Management
CYBERATTACKS
Conclusion
Construction is an extremely collaborative effort among
owners, real estate professionals, financial institutions, architects, engineers, GCs, subcontractors, equipment and material suppliers, etc. Contracts, blueprints, CAD drawings,
BIM models, workplans, and financial documents represent
merely the tip of the iceberg of the complex information that
is shared among building partners during the life of a project.
Your cybersecurity must be managed in the context of this
extended digital ecosystem.
Data used in construction projects today improves efficiencies, saves time, and creates digital footprints for future work.
However, you owe it to your customers and colleagues to
operate securely and prevent threats. Proper management of
cybersecurity will ensure this valuable information remains
secure and that benefits of data continue to outweigh the risks.
There is no silver bullet that will solve all cybersecurity challenges, but investing in long-term maintenance, monitoring,
and security that can be sustained over time is an excellent
defense. n
ROB RUDLOFF, CISSP, ISSMP, MBA, is Partner-inCharge of the Cyber Security Risk Services at RubinBrown
LLP in Denver, CO.
Rob has been helping organizations improve their
security posture for more than 20 years. He specializes
in application and network security vulnerability and
penetration testing, security policy and procedure support, security posture reviews, mitigation support and
architecture development.
Phone: 303-952-1220
E-Mail: rob_rudloff@rubinbrown.com
Website: www.rubinbrown.com
Endnotes
1. 2014 Data Breach Investigations Report (DBIR), Verizon, available at
www.verizonenterprise.com/us/DBIR.
2. 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute,
May 5, 2014, available at www.ponemon.org/blog/ponemon-institutereleases-2014-cost-of-data-breach-global-analysis.
3. bigstory.ap.org/article/af77f567a4b74f128a4869031dc9add9.
4. dealbook.nytimes.com/2014/10/02/jpmorgan-discovers-further-cybersecurity-issues.
5. Target Data Breach Price Tage: $252 Million and Counting. MintzLevin,
February 26, 2015. www.privacyandsecuritymatters.com/2015/02/
target-data-breach-price-tag-252-million-and-counting.
6. Cox, Randall. Expected Target Losses. Rippleshot, January 29, 2014.
info.rippleshot.com/blog/expected-target-losses.
7. Data Breach Quick View: 2014 Data Breach Trends report, Risk Based
Security, February 2015. www.riskbasedsecurity.com/reports/2014YEDataBreachQuickView.pdf.
8. 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute,
May 5, 2014, available at www.ponemon.org/blog/ponemon-institutereleases-2014-cost-of-data-breach-global-analysis.
9. Mejia, Robin. Red Team Versus Blue Team: How to Run an Effective
Simulation. CSO. March 25, 2008. www.csoonline.com/article/2122440/
emergency-preparedness/red-team-versus-blue-team--how-to-run-aneffective-simulation.html.