This is the “see everything in one glance” visual. See pg 15 in the DBIR for talking points.
2012 Data BreachInvestigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting &Information Security Service, Police Central e-Crime Unit, and United States Secret Service.
Data Breach Investigations Report (DBIR) series An ongoing study into the world of cybercrime that analyzes forensic evidence to uncover how sensitive data is stolen from organizations, who’s doing it, why they’re doing it, and, of course, what might be done to prevent it.Available at: http://verizonbusiness.com/databreachUpdates/Commentary: http://securityblog.verizonbusiness.com
Hold on… Wha???Why is my telco investigating breaches?
Enterprise Solutions to Meet Business Imperatives Communications Networking IT Services Security Services Mobility Services Services• Cloud-based Services • Government, Risk and • Contact Center • Internet • Advanced Compliance Services Communications• Data Center Services • Private WAN • Identity and Access • Unified • Applications and• Managed Applications • Private Point to Point Management Communications Content• Managed IT • Access Services • Managed Security • Video, Web and Audio • Global• Equipment and Conferencing • Managed Networks Communications • Equipment and Services Services • Traditional Voice • Equipment and • Hardware• Professional Services Services • ICSA Labs • Emergency • Mobile Data Communications • Professional Services • Professional Services • Voice and Messaging Services • Professional Services • Equipment and Services RISK Team • Professional Services falls here
Methodology: Data Collection and Analysis• DBIR participants use the Verizon Enterprise Risk and Incident Sharing (VERIS) framework to collect and share data.• Enables case data to be shared anonymously to RISK Team for analysisVERIS is a (open and free) set of metrics designed to provide a commonlanguage for describing security incidents (or threats) in a structured andrepeatable manner.VERIS: https://verisframework.wiki.zoho.com/
Unpacking the 2012 DBIRAn overview of our results and analysis