Verizon’s ‘2013 Data Breach Investigations Report’ Expands Types of Threats Analyzed
Report to Analyze Data From 19 Global Security Organizations, a More Than Threefold Increase Over Organizations That Contributed to 2012 Report
To be released this spring, the 2013 DBIR will study security events such as distributed denial of service attacks, network intrusion, insider misuse, and attacks against the energy and critical infrastructure sectors. The report will contain data from 19 organizations, more than three times as many as the six organizations in the prior year’s study.
The new organizations are: CERT Insider Threat Center (of Carnegie Mellon University); Consortium for Cybersecurity Action; Danish Ministry of Defence, Center for Cybersecurity;
The organizations continuing to contribute data include the: Australian Federal Police; Dutch High Tech Crime Unit (NHTCU) ; Irish Reporting and Information Security Service (IRISS-CERT);
“The additional contributing security organizations will enable us to paint an even clearer picture of the threat landscape facing businesses today,” said Wade Baker, managing principal of the RISK team and principal author of the DBIR. “This added insight will make a difference in helping organizations around the globe put the right defense in place. Today’s cyber landscape remains a tough one to navigate, and unfortunately, we believe it will continue to remain challenging in 2013.”
All DBIR contributors use the Verizon VERIS framework to input breach data. The framework, which has been in existence since early 2010, uses a common language and a structured, repeatable process, both of which allow organizations to objectively classify security incidents.
“The common language is critical, as there is currently no universal language that describes security incidents or an accepted industry standard for the development of risk metrics,” noted Baker.
The DBIR is now in its sixth year of publication. The Verizon RISK team has been collecting data since 2004, and over the entire nine-year range of this study the tally now exceeds 2,500 data disclosures and 1.2 billion compromised records.
Verizon helps organizations protect their core asset: data. The company does this through a robust suite of security services -- including governance, risk and compliance solutions; identity and access management solutions; investigative response; data protection and threat management services; and vulnerability management services -- delivered in the cloud or on premises. For more information on Verizon Security Services, click here. For ongoing security insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog.
Visit Us at RSA in San Francisco
Verizon will exhibit at the RSA Security Conference in San Francisco in Booth #917. During the show, Verizon’s RISK team is onsite to share intelligence and insight at its “Security Perspectives”
Verizon Communications Inc. (NYSE, Nasdaq- VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to consumer, business, government and wholesale customers. Verizon Wireless operates America’s most reliable wireless network, with more than 98 million retail connections nationwide. Verizon also provides converged communications, information and entertainment services over America’s most advanced fiber-optic network, and delivers integrated business solutions to customers in more than 150 countries, including all of the Fortune 500. A Dow 30 company with nearly $116 billion in 2012 revenues, Verizon employs a diverse workforce of 183,400. For more information, visit www.verizon.com.