Verizon data breach report

Found via the SANS mailing list, Verizon’s report on the causes of and responses to data breaches is worth a read.

Some worrying/fascinating stats:

  • Only 7% of data breaches are identified through a detection process
  • It takes weeks to do anything about them (pp22-23)
  • Two thirds of breaches involved data that the organisation did not know was present on the system (p25)

On the bright side, a basic patching strategy would protect against most attacks – even if the patches are applied weeks late.

And to wrap up, one of the SANS editors puts this report into context (my emphasis):

The learning that results from this kind of forensic analysis of actual security failures is invaluable if it is used as feedback to inform our security investments. It also is useful to guide the selection of security outcome metrics we should be tracking on a continuing basis to determine how well or poorly our security investments are working. Cybersecurity begs for more application of causality oriented feedback learning. The lack of this type of analysis and feedback is a great weakness in so-called risk management.

Download the report here (it’s only 27 very readable pages).

More comments etc:–/news/110936

Finally, you can get on the SANS mailing list via

Update (24 June)

Bruce Schneier has now picked up on this – expect some interesting chat here.

About Peter Cruickshank

Lecturer in the School of Computing and a member of the Centre for Social Informatics at Edinburgh Napier University, Scotland. Interested in information systems, learning, politics, society, security and where they intersect. My attempts at rounding out my character include food, cinema, running, history and, together with my lovely wife, bringing up a cat and a couple of kids.
This entry was posted in news, research, Security and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s