Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

6 Factors To Consider When Assessing The Severity Of A Data Breach

5,771 views

Published on

Get full report: http://ow.ly/1K7G305gy6U
Not all breached data is of equal value and in order to better understand the desirability of the data and the severity of the breach, it's important to consider these 6 factors.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

6 Factors To Consider When Assessing The Severity Of A Data Breach

  1. 1. 1 6 Factors to Consider When Assessing the Severity of a Data Breach To learn more, download our report: Compromised Credentials - Learn From the Exposure of the World’s 1,000 Biggest Companies Not all breached data is of equal value and in order to better understand the desirability of the data and not the severity of the breach, it’s important to consider these 6 factors. Recoverable Passwords Data Sensitivity Freshness Transferability Size Public or Private Source 1 2 3 4 5 6 Data dumps with recoverable passwords, such as the LinkedIn breach of 2012, are more useful than those without. Highly sensitive or damaging data may be used by a threat actor in blackmail or extortion attempts, such as the Ashley Madison breach of 2015, or, in the case of health records, for identity theft. As a data set gets older, its usefulness declines as those contained within the data set either abandon accounts or change passwords. Some data sets are more relevant to an individual than others, especially those containing reusable information for other accounts such as addresses, secret questions, and credit card details. How accurately does the data represent the target user group? 50%? 70%? Critically, how accurately does the data represent the target group in relation to the desired outcome of the threat actor? The more ‘secretive’ the data, the more useful it would be for a threat actor. Also, if a data set has been made public, the affected organization is highly likely to revoke exposed passwords.
  2. 2. 2 London Level 39, One Canada Square, London, E14 5AB 332 Pine St. Suite 600, San Francisco, CA 94104 +1 (888) 889 4143 About Digital Shadows San Francisco info@digitalshadows.com+44 (0) 203 393 7001 digitalshadows.com Digital Shadows provides insight into an organization’s external digital risks and the threat actors targeting them. Digital Shadows SearchLight™ service combines scalable data analytics with human analysts to monitor for cyber threats, data leakage, and reputation risks. Digital Shadows continually monitors the Internet across the visible, deep and dark web, as well as other online sources to create an up-to-the minute view of an organization and provide it with tailored threat intelligence. The company is jointly headquartered in London and San Francisco. For more information, visit www.digitalshadows.com.

×