2011 DBIR
Data Breach Investigations Report series
http://verizonbusiness.com/databreach
http://securityblog.verizonbusiness.com

2011 DBIR Contributors
• Verizon
• United States Secret Service
• Dutch National High Tech Crime Unit

Methodology: Collection and Analysis
• VERIS framework used to collect data after investigation
• Aggregate and anonymize the case data
• RISK Intelligence team provides analytics
• 630 threat events
VERIS: https://verisframework.wiki.zoho.com/

Overview – What’s New?
• Over 750 new breaches studied since the last report
• Total for all years = 1700+
• Just under 4 million records confirmed compromised
• Total for all years = 900+ million
• Euro-centric appendix from Dutch HTCU ??
Hacking – What Path did the Agent Take? Patchable vulnerabilities: 5
Conclusions & recommendations
• Focus on essential controls. Many organisations make the mistake of pursuing exceptionally high security in certain areas while almost completely neglecting others. Businesses are much better protected if they implement essential controls across the entire organization without exception.
• Eliminate unnecessary data. If you do not need it, do not keep it. For sensitive data that must be kept, identify, monitor and securely store it.
• Secure remote access services. Restrict these services to specific IP addresses and networks, minimising public access to them. Also, ensure that your organisation is limiting access to sensitive information within the network.
• Filter outbound activity. If the criminal cannot get the data out of your environment then the data has not been compromised.
• Monitor and mine event logs. Focus on the obvious issues that logs pick up, not the records. Reducing the compromise-to-discovery timeframe from weeks and months to days can pay huge dividends.
• Look for unusual location. Criminals do not tend to attack from the same location as your usual business partner and staff traffic.
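
The remote access, log monitoring and unusual-location recommendations above, as an added example that is not part of the original presentation: it reads sshd-style log lines and reports accepted remote logins whose source address is outside an allowlist of staff and partner networks, along with how many failed attempts that source made first. The log lines, the network ranges and the name review_remote_logins are constructed assumptions for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in OpenSSH sshd style (not data from the report).
SAMPLE_LOG = """\
Apr 19 08:01:12 gw sshd[1201]: Accepted publickey for alice from 10.20.1.15 port 50122 ssh2
Apr 19 08:03:40 gw sshd[1207]: Failed password for root from 198.51.100.23 port 41022 ssh2
Apr 19 08:03:44 gw sshd[1207]: Failed password for root from 198.51.100.23 port 41030 ssh2
Apr 19 08:05:02 gw sshd[1215]: Accepted password for svc_backup from 198.51.100.23 port 41077 ssh2
Apr 19 09:10:31 gw sshd[1302]: Accepted password for bob from 192.0.2.44 port 60210 ssh2
Apr 19 09:12:00 gw sshd[1310]: Connection closed by 10.20.1.15 port 50122
Apr 19 09:15:09 gw sshd[1322]: Accepted publickey for carol from 2001:db8:5::9 port 52011 ssh2
"""

# Assumed policy: the only networks expected to use remote access.
ALLOWED_NETWORKS = ["10.20.0.0/16", "192.0.2.0/24"]

LOGIN_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) \S+ for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def review_remote_logins(log_text, allowed_networks):
    """Return (alerts, failures): accepted logins from outside the allowed
    networks, and a per-source count of failed attempts."""
    nets = [ipaddress.ip_network(n) for n in allowed_networks]
    alerts, failures = [], Counter()
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if not m:
            continue  # not a login event (e.g. "Connection closed")
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # source logged as a hostname or malformed
        if m["result"] == "Failed":
            failures[str(src)] += 1
        elif not any(src in n for n in nets):
            # Successful login from an unusual location: the obvious issue.
            alerts.append({"user": m["user"], "src": str(src),
                           "prior_failures": failures[str(src)]})
    return alerts, failures

if __name__ == "__main__":
    for alert in review_remote_logins(SAMPLE_LOG, ALLOWED_NETWORKS)[0]:
        print(alert)
```

Running the same check daily over the remote access logs is one way to shorten the compromise-to-discovery timeframe the slide refers to.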
DBIR: www.verizonbusiness.com/databreach
VERIS: https://verisframework.wiki.zoho.com/
Blog: securityblog.verizonbusiness.com
Email: dbir@verizonbusiness.com