SlideShare a Scribd company logo

V

Tino Cionni
Tino Cionni

bla bla bla

TechnologyNews & Politics
1 of 17
V erizon 2 0 11 Investigative Response (IR) Caseload Review
Data collection methodology Publication includes only incidents involving confirmed data compromise 90 data breach investigations Verizon Enterprise Risk and Incident Sharing (VERIS) framework to record case data • https://www2.icsalabs.com/veris
Demographics Lost largest amount of data 1)Information and Manufacturing industries 2)Financial sectors 3)Accommodation and Food Service Size of organizations Ranged from less than 100 to over 100,000 employees
Threat Agents VERIS recognizes three categories of agents 1)External 2)Internal 3)Partner Motives » 1)Financial gain » 2)Hacktivism (acts of protest and retaliation) » 3)Disgruntled former employees » Geographic origin of attacks » 1)EMEA » 2)Americas » 3)APAC
Threat agents over time by percent of breaches
Threat Actions 1 Categories Hacking Malware Social Misuse Physical Error Environmental
Threat Actions 2 99% of all stolen data involved the use of some form of hacking and malware Social tactics: half of all data loss
Threat Actions 3 Hacking and malware are the leaders in the field of data compromise because: Afford the attacker many advantages, including: Remote access Relatively easy automation Anonymity Easy getaway
Top 10 threat action varieties by number of breaches that occurred in 2011
Assets 1 Organizations Server • point-of-sale servers (POS) • web/application servers • database servers • End Users Desktops Laptop Point-of-sale terminals
ASSETS 2 What to steal? Data Payment cards Personal information (PII) Authentication credentials Trade secrets Copyrighted information
Timeframes and methods of breach discovery Time it took organizations to discover they had been the victim of a breach • 60% of cases it took months or years to figure this out • Discovery External party detected over two-thirds of breaches
Breach discovery timeframe by percent of records
Created by XFORCETEAM
About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainly devoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
XFORCETEAM Contact us: xforceteam@webprog.net www.xforceteam.com https://twitter.com/XForceTeam http://www.facebook.com/pages/XForceTeam/353616747996041 http://www.youtube.com/user/WebProgNet and more …

Recommended

Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Vivek Mishra
 
Raimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksRaimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksGraeme Wood
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 

Recommended

Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Vivek Mishra
 
Raimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksRaimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksGraeme Wood
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017PaladionNetworks01
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Netpluz Asia Pte Ltd
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omarzakuan zolkefly
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsCareer Communications Group
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
Information security
Information securityInformation security
Information securityAppin Faridabad
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportCommunity IT Innovators
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016Sal Rodriguez
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYharsh arora
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Cyber
CyberCyber
Cyberwindows21
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019Omar Bshara
 
Presentation play
Presentation playPresentation play
Presentation playkathleenchina
 
61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013GE Grid Solutions
 

More Related Content

What's hot

Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017PaladionNetworks01
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Netpluz Asia Pte Ltd
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omarzakuan zolkefly
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsCareer Communications Group
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016Sal Rodriguez
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019Omar Bshara
 

What's hot (20)

Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling Access
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior Analytics
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omar
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the Experts
 
Digital Security
Digital Security Digital Security
Digital Security
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard Raphael
 
Information security
Information securityInformation security
Information security
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident Report
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020
 
Cyber
CyberCyber
Cyber
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoS
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019
 

Viewers also liked

61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013GE Grid Solutions
 
UVA-Wise
UVA-WiseUVA-Wise
UVA-Wisedch2x
 
я оля мартиневич
я оля мартиневичя оля мартиневич
я оля мартиневичVasyl' Pidhirs'kyi
 
Rita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino AccomplishmentsRita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino Accomplishmentsrpmbonnici
 
Salvation army finalized
Salvation army finalizedSalvation army finalized
Salvation army finalizedkathleenchina
 
Props final
Props finalProps final
Props finalmbonnett
 
61850IMU Substation Recorder
61850IMU Substation Recorder61850IMU Substation Recorder
61850IMU Substation RecorderGE Grid Solutions
 
Amazon - L'empire caché
Amazon - L'empire cachéAmazon - L'empire caché
Amazon - L'empire cachéGuillon Reno
 
Black history from another angle
Black history from another angleBlack history from another angle
Black history from another anglejanetcheathambell
 
Limelight Staged Homes
Limelight Staged HomesLimelight Staged Homes
Limelight Staged Homessharonlime
 
行銷活動作品
行銷活動作品行銷活動作品
行銷活動作品zoe0812
 
61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & SystemsGE Grid Solutions
 
Internet programciligi-2
Internet programciligi-2Internet programciligi-2
Internet programciligi-2major5
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad ReviewsGlassdoor
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x TechnologyWebVisions
 

Viewers also liked (19)

Presentation play
Presentation playPresentation play
Presentation play
 
61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013
 
UVA-Wise
UVA-WiseUVA-Wise
UVA-Wise
 
Michael amaya
Michael amaya Michael amaya
Michael amaya
 
я оля мартиневич
я оля мартиневичя оля мартиневич
я оля мартиневич
 
Rita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino AccomplishmentsRita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino Accomplishments
 
Salvation army finalized
Salvation army finalizedSalvation army finalized
Salvation army finalized
 
Props final
Props finalProps final
Props final
 
61850IMU Substation Recorder
61850IMU Substation Recorder61850IMU Substation Recorder
61850IMU Substation Recorder
 
Amazon - L'empire caché
Amazon - L'empire cachéAmazon - L'empire caché
Amazon - L'empire caché
 
Black history from another angle
Black history from another angleBlack history from another angle
Black history from another angle
 
Limelight Staged Homes
Limelight Staged HomesLimelight Staged Homes
Limelight Staged Homes
 
行銷活動作品
行銷活動作品行銷活動作品
行銷活動作品
 
61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems
 
Manual
ManualManual
Manual
 
61850easy Test Tool 2013
61850easy Test Tool 201361850easy Test Tool 2013
61850easy Test Tool 2013
 
Internet programciligi-2
Internet programciligi-2Internet programciligi-2
Internet programciligi-2
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad Reviews
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x Technology
 

Similar to V

Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response ManagementDon Caeiro
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat FireEye, Inc.
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewdr_edw777
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security ProtectionShawn Crimson
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfJenna Murray
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxRoshni814224
 
Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the NumbersRecorded Future
 
LIS3353 SP12 Week 9
LIS3353 SP12 Week 9LIS3353 SP12 Week 9
LIS3353 SP12 Week 9Amanda Case
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data securityKeith Braswell
 

Similar to V (20)

Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk Management
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response Management
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security Protection
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
 
Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the Numbers
 
LIS3353 SP12 Week 9
LIS3353 SP12 Week 9LIS3353 SP12 Week 9
LIS3353 SP12 Week 9
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data security
 

Recently uploaded

Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 

Recently uploaded (20)

Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 

V

  • 1. V erizon 2 0 11 Investigative Response (IR) Caseload Review
  • 2. Data collection methodology Publication includes only incidents involving confirmed data compromise 90 data breach investigations Verizon Enterprise Risk and Incident Sharing (VERIS) framework to record case data • https://www2.icsalabs.com/veris
  • 3. Demographics Lost largest amount of data 1)Information and Manufacturing industries 2)Financial sectors 3)Accommodation and Food Service Size of organizations Ranged from less than 100 to over 100,000 employees
  • 4. Threat Agents VERIS recognizes three categories of agents 1)External 2)Internal 3)Partner Motives » 1)Financial gain » 2)Hacktivism (acts of protest and retaliation) » 3)Disgruntled former employees » Geographic origin of attacks » 1)EMEA » 2)Americas » 3)APAC
  • 5. Threat agents over time by percent of breaches
  • 6. Threat Actions 1 Categories Hacking Malware Social Misuse Physical Error Environmental
  • 7. Threat Actions 2 99% of all stolen data involved the use of some form of hacking and malware Social tactics: half of all data loss
  • 8. Threat Actions 3 Hacking and malware are the leaders in the field of data compromise because: Afford the attacker many advantages, including: Remote access Relatively easy automation Anonymity Easy getaway
  • 9. Top 10 threat action varieties by number of breaches that occurred in 2011
  • 10. Assets 1 Organizations Server • point-of-sale servers (POS) • web/application servers • database servers • End Users Desktops Laptop Point-of-sale terminals
  • 11. ASSETS 2 What to steal? Data Payment cards Personal information (PII) Authentication credentials Trade secrets Copyrighted information
  • 12. Timeframes and methods of breach discovery Time it took organizations to discover they had been the victim of a breach • 60% of cases it took months or years to figure this out • Discovery External party detected over two-thirds of breaches
  • 13. Breach discovery timeframe by percent of records
  • 14.
  • 16. About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainly devoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
  • 17. XFORCETEAM Contact us: xforceteam@webprog.net www.xforceteam.com https://twitter.com/XForceTeam http://www.facebook.com/pages/XForceTeam/353616747996041 http://www.youtube.com/user/WebProgNet and more …