Verizon Presents 2013 Data Breach Investigations Report
OREANDA-NEWS. March 06, 2013. The soon-to-be-released “Verizon 2013 Data Breach Investigations Report” will provide an even broader, more extensive picture of cybercrime around the globe by expanding the types of security events studied and analyzing data from a much larger number of global security organizations.
To be released this spring, the 2013 DBIR will study security events such as distributed denial of service attacks, network intrusion, insider misuse, and attacks against the energy and critical infrastructure sectors. The report will contain data from 19 organizations, more than three times as many as the six organizations in the prior year’s study.
The new organizations are: CERT Insider Threat Center (of Carnegie Mellon University); Consortium for Cybersecurity Action; Danish Ministry of Defence, Center for Cybersecurity; Danish National Police, NITES (National IT Investigation Section); Deloitte; Electricity Sector Information Sharing and Analysis Center (ES-ISAC); European Cyber Crime Center (EC3); G-C Partners, LLC; Guardia Civil (Civil Guard of Spain); Industrial Control Systems Cyber Emergency Response Team (ICS-CERT); Malaysia Computer Emergency Response Team (MyCERT); CyberSecurity Malaysia; National Cybersecurity and Communications Integration Center (NCCIC); ThreatSim; and the US Computer Emergency Readiness Team (US-CERT).
The organizations continuing to contribute data include: the Australian Federal Police; Dutch High Tech Crime Unit (NHTCU); Irish Reporting and Information Security Service (IRISS-CERT); U.S. Secret Service; and the Verizon RISK (Research Investigations Solutions Knowledge) team.
“The additional contributing security organizations will enable us to paint an even clearer picture of the threat landscape facing businesses today,” said Wade Baker, managing principal of the RISK team and principal author of the DBIR. “This added insight will make a difference in helping organizations around the globe put the right defense in place. Today’s cyber landscape remains a tough one to navigate, and unfortunately, we believe it will continue to remain challenging in 2013.”
All DBIR contributors use the Verizon VERIS framework to input breach data. The framework, which has been in existence since early 2010, uses a common language and a structured, repeatable process, both of which allow organizations to objectively classify security incidents.
“The common language is critical, as there is currently no universal language that describes security incidents or an accepted industry standard for the development of risk metrics,” noted Baker.
The DBIR is now in its sixth year of publication. The Verizon RISK team has been collecting data since 2004, and over the entire nine-year range of this study the tally now exceeds 2,500 data disclosures and 1.2 billion compromised records.
Verizon helps organizations protect their core asset: data. The company does this through a robust suite of security services -- including governance, risk and compliance solutions; identity and access management solutions; investigative response; data protection and threat management services; and vulnerability management services -- delivered in the cloud or on premises. For more information on Verizon Security Services, click here. For ongoing security insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog.
Visit Us at RSA in San Francisco
Verizon will exhibit at the RSA Security Conference in San Francisco in Booth #917. During the show, Verizon’s RISK team is onsite to share intelligence and insight at its “Security Perspectives” corner. See the Verizon RSA page for more information on the times and dates the sessions will be conducted.
Комментарии