Top Ten Database Threats
The Most Significant Risks and How to Mitigate Them

Introduction to Database Security Threats
Databases are one of the most compromised assets according to the 2014
Verizon Data Breach Report. The reason databases are targeted is quite simple;
databases are at the heart of any organization, storing customer records and
other confidential business data. But why are databases so vulnerable to
breaches? One reason is that organizations are not protecting these assets well
enough. According to IDC, less than 5% of the $27 billion spent on security
products directly addressed data center security

When hackers and malicious insiders gain access to sensitive data, they can
quickly extract value, inflict damage, or impact business operations. In addition
to financial loss or reputation damage, breaches can result in regulatory
violations, fines, and legal fees. However, the good news is that the vast majority
of incidents – more than 97% according to the Online Trust Alliance (OTA) in
2013 – could have been prevented by implementing simple steps and following
best practices and internal controls.

The top ten threats outlined in this whitepaper not only apply to traditional
databases, but also to Big Data technologies. While Big Data’s NoSQL technology
is different from SQL, the same injection points – such as input fields – still exist
for Big Data. These injection points provide an avenue for attackers to access Big
Data components. The Input Injection section in this whitepaper describes the
fundamentals for this type of Big Data attack.
Interesting read curtesy of Javacodegeeks
PDF: Top 10 Database Threats, Free Imperva White Paper