If you want see a concise history of the past three years of IT Security incidents, you need to download the IBM
As you can tell by the change in colors as you scan the graphic from left to right, the industry is starting to get a handle on DDoS atacks and SQL injection attacks, while attack types based on physical access to machines and distribution of malware are becoming more common. As noted in the report:
"The declines in vulnerabilities demonstrated at the end of 2013 in both XSS and SQL injection could indicate that developers are doing a better job at writing secure web applications, or possibly that traditional targets like content management systems (CMSs) and plug-ins are maturing as older vulnerabilities have been patched. As noted, XSS and SQL injection exploitation continue to be observed in high numbers, indicating there are still legacy systems or other unpatched web applications that remain vulnerable. This is expected, considering there are many thousands of blogs and other websites run by individuals who may not have the skills or awareness to update to later versions of their platform or framework."
The other thing to note in the graphic is that the overall number of incidents overall impact of IT security incidents aren't exactly going down, so it seems there is still plenty of job security in the IT security arena in 2013.
"More than half a billion records of personally identifiable information such as names, emails, credit card numbers, and passwords were leaked in 2013 -- and these incidents show no signs of stopping."
That's the headline message in the Thr