Welcome…and Verizon 2008 Data Breach Investigations Report

By Alan Hall - Director of Marketing

Verizon 2008 Data Breach Investigations Report

Welcome to the Solera Networks Blog. Rather than creating a lengthy welcome message, which you probably won’t read, I’m just going to jump in feet first with the inaugural post.

On October 2nd, Verizon released their 2008 Data Breach Investigation Report, an extensive four-year study that covers over 500 forensic engagements handled by the Verizon Business Investigative Response team. One key takeaway of the report is that the majority of organizations today are not applying enough focus on managing the risk of the “unknown unknown.” The most glaring statistic uncovered from the report was that only 4% of breaches are detected through event monitoring or other forms of analytic technologies.

It is not surprising that when the tools that are designed to stop intruders, viruses, and malicious activity fail to perform their appointed tasks, they also fail to send notification of an incident. Organizations rely too heavily on security tools that are intentionally avoided or disabled. Accepting the limitations of these tools will not only help prevent the malicious action, but will also help organizations plan for detection. Complete network surveillance is necessary to fill in when current security tools fail to detect network breaches.

A few interesting stats:

• 73% of data breaches were from external sources
• 375,000 – median # of records compromised from an internal breach
• 87,500 – median # of records compromised from a breach originating from a partner
• 30,000 – median # of records compromised from an external breach
• 84% of breaches involved payment card data
• 96% of the time, event monitoring or log analysis failed to notify of the breach

Unknown Unknowns
Nine out of 10 data breaches involved one of the following:

• A system unknown to the organization (or business group affected)
• A system storing data that the organization did not know existed on the system
• A system that had unknown network connections or accessibility
• A system that had unknowns accounts or privileges

Get the full report.

Tags: , , ,

This entry was posted on Monday, October 6th, 2008 at 10:52 am and is filed under Data Breach, In The News.
Both comments and pings are currently closed.

«
»

Comments are closed.

News

Categories

Archives

Site map

Network Forensics Products Solutions Partners Support Company
home | contact us | demo | product walk-through | blog | newsletter
©2009 Solera Networks Inc.
Share this page