Verizon Data Breach Report, 2010

The immense DBIR has been released for several weeks, and is chock full of great information.  While reading through the report highlights the very challenging environment we operate our digital assets within, it does provide a road map where professionals can focus their attention.  There is no possible way to abbreviate the report, but a few specific quotes caught my attention:

Malware gets increasingly difficult to detect and prevent (especially once the attacker owns the system) . Therefore, protect against the damage malware does after infection, much of which can be mitigated if outbound traffic is restricted.

“…a breakdown of organizational size follows a rather normal-looking distribution. It’s quite possible (and perhaps logical) that an organization’s size matters little in terms of its chances of suffering a data breach. One
might speculate that smaller budgets mean less security spending but it probably also means fewer assets to protect and a lower profile. Thieves are more likely to select targets based on the perceived value of the data and cost of attack than victim characteristics such as size.”

“The rather high percentage of “unknown” in Figure 18 is attributable to many factors. Many times there were no logs, corrupted evidence, and/or users were unavailable for interview. Occasionally, we see some of the “old school” infections vectors like e-mail and network propagation. Outside the world of data breaches, these are still alive and well but when stealth is critical and persistence is the goal, these vectors have less merit.”

When reading through the report I would suggest looking at the trends where security controls failed the most – not what worked the most.

Here is a link to the report, and their quite valuable blog.  A few good quick bits can be found here and here is an interview with Alex Hutton.

Well done gentlemen.

James DeLuccia

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s