V erizon 2   0 11 Investigative Response (IR) Caseload                        Review
Data collection methodologyPublication includes only incidents involvingconfirmed data compromise90 data breach investigat...
DemographicsLost largest amount of data       1)Information and Manufacturing industries       2)Financial sectors       3...
Threat AgentsVERIS recognizes three categories of agents        1)External        2)Internal        3)Partner        Motiv...
Threat agents over time by percent of breaches
Threat Actions 1Categories  Hacking  Malware  Social  Misuse  Physical  Error  Environmental
Threat Actions 299% of all stolen data involved the use ofsome form of hacking and malwareSocial tactics: half of all data...
Threat Actions 3 Hacking and malware are the leaders in thefield of data compromise because:  Afford the attacker many adv...
Top 10 threat action varieties by number of breaches that occurred in                                 2011
Assets 1Organizations  Server  • point-of-sale servers (POS)  • web/application servers  • database servers  • End Users  ...
ASSETS 2What to steal?  Data  Payment cards  Personal information (PII)  Authentication credentials  Trade secrets  Copyri...
Timeframes and methods of breach discoveryTime it took organizations to discover theyhad been the victim of a breach   • 6...
Breach discovery timeframe by percent of records
Created byXFORCETEAM
About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainlydevoted to issues of Malware Analys...
XFORCETEAM                    Contact us:            xforceteam@webprog.net                    www.xforceteam.com         ...
V
Upcoming SlideShare
Loading in...5
×

V

174

Published on

bla bla bla

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
174
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

V

  1. 1. V erizon 2 0 11 Investigative Response (IR) Caseload Review
  2. 2. Data collection methodologyPublication includes only incidents involvingconfirmed data compromise90 data breach investigationsVerizon Enterprise Risk and Incident Sharing (VERIS)framework to record case data • https://www2.icsalabs.com/veris
  3. 3. DemographicsLost largest amount of data 1)Information and Manufacturing industries 2)Financial sectors 3)Accommodation and Food Service Size of organizations Ranged from less than 100 to over 100,000 employees
  4. 4. Threat AgentsVERIS recognizes three categories of agents 1)External 2)Internal 3)Partner Motives » 1)Financial gain » 2)Hacktivism (acts of protest and retaliation) » 3)Disgruntled former employees » Geographic origin of attacks » 1)EMEA » 2)Americas » 3)APAC
  5. 5. Threat agents over time by percent of breaches
  6. 6. Threat Actions 1Categories Hacking Malware Social Misuse Physical Error Environmental
  7. 7. Threat Actions 299% of all stolen data involved the use ofsome form of hacking and malwareSocial tactics: half of all data loss
  8. 8. Threat Actions 3 Hacking and malware are the leaders in thefield of data compromise because: Afford the attacker many advantages, including: Remote access Relatively easy automation Anonymity Easy getaway
  9. 9. Top 10 threat action varieties by number of breaches that occurred in 2011
  10. 10. Assets 1Organizations Server • point-of-sale servers (POS) • web/application servers • database servers • End Users Desktops Laptop Point-of-sale terminals
  11. 11. ASSETS 2What to steal? Data Payment cards Personal information (PII) Authentication credentials Trade secrets Copyrighted information
  12. 12. Timeframes and methods of breach discoveryTime it took organizations to discover theyhad been the victim of a breach • 60% of cases it took months or years to figure this out • Discovery External party detected over two-thirds of breaches
  13. 13. Breach discovery timeframe by percent of records
  14. 14. Created byXFORCETEAM
  15. 15. About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainlydevoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
  16. 16. XFORCETEAM Contact us: xforceteam@webprog.net www.xforceteam.com https://twitter.com/XForceTeamhttp://www.facebook.com/pages/XForceTeam/353616747996041 http://www.youtube.com/user/WebProgNet and more …

×