CDSA

Verizon Enterprise: Data Breaches Becoming More Complex, Pervasive

Data breaches are becoming more complex and are no longer confined to just the IT department, but are now affecting every department within an organization. Each breach leaves a lingering, if not lasting imprint on an enterprise, finds the 2017 Data Breach Digest.

As we found in the Verizon 2016 Data Breach Investigations Report (DBIR), the human element is again front and center this year. Humans continue to play a significant role in data breaches and cybersecurity incidents, fulfilling the roles of threat actors, targeted victims and incident response stakeholders.

Now in its second edition, Verizon’s Data Breach Digest details 16 common breach scenarios, inviting the reader to take a behind-the-scenes look at cyber investigations that tell the stories behind the company’s annual Data Breach Investigations Report (DBIR). The cases are each told from the perspective of the various stakeholders involved, such as corporate communications, legal counsel, or the human resources professional.

“Data breaches are growing in complexity and sophistication,” said Bryan Sartin, executive director, the RISK Team, Verizon Enterprise Solutions. “In working with victim organizations, we find that breaches touch every part of an organization up to and including its board of directors. Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price.

“The Data Breach Digest is designed to help businesses and government organizations understand how to identify signs of a data breach, important sources of evidence and ways to quickly investigate, contain and recover from a breach,” added Sartin.

 

The report once again confirms that there is a finite set of scenarios that occur with data breaches but many permutations occur within each, leading to an expansive range of damage that can be observed in the aftermath of a data breach. Breaches in the Digest are defined by type of breach, industry, one of nine DBIR incident patterns, and by stakeholder involvement.

This year’s 16 data breach scenarios are also classified according to their prevalence and lethality in the field. Ten of the cases represent more than 60 percent of the 1,400 cases investigated by Verizon’s Research, Investigations, Solutions and Knowledge (RISK) Team over the past three years, while the other six are less common but considered lethal or highly damaging to an organization.

For each scenario, you go through a detailed analysis of how the attack occurred, level of sophistication, threat actors involved, tactics and techniques used and recommended countermeasures. Content is derived from the RISK Team caseload and categorized according to the standardized VERIS (Vocabulary for Event Recording and Incident Sharing) Framework used to compile the DBIR.

The report groups the 16 scenarios into four different types of breaches and gives each a personality, including these select examples:

The human element
  • Partner misuse – The Indignant Mole
  • Disgruntled employee  – The Absolute Zero
Conduit devices
  • Mobile assault  – The Secret Squirrel
  • IoT calamity – The Panda Monium
Configuration exploitation
  • Cloud storming – The Acumulus Datum
  • DDoS attack – The 12000 Monkeyz
Malicious software
  • Crypto Malware – The Fetid Cheez
  • Unknown unknowns – The Polar Vortex

This year’s report points to five actions an organization should take in the aftermath of a breach:

  • Preserve evidence; consider consequences of every action taken
  • Be flexible; adapt to evolving situations
  • Establish consistent methods for communication
  • Know your limitations; collaborate with other key stakeholders
  • Document actions and findings; be prepared to explain them.

To preserve anonymity, Verizon has modified/excluded certain details of each real-world situation including changing names, geographic locations, quantity of records stolen and monetary loss details. Everything else has been imported straight from Verizon’s case files.

The Verizon RISK Team performs cyber investigations for hundreds of commercial enterprises and government agencies across the globe. In 2016, the RISK team investigated more than 500 cybersecurity incidents in more than 40 countries.  In 2008, the results of this team’s field investigations were the genesis of the first Data Breach Investigations Report, an annual publication that dissects real-world data breaches with the goal of enlightening the public about the nature of threat actors behind the attacks, the methods they use, including the data they seek and the victims they target.

  • linkedin
  • fb
  • twitter
  • google plus
  • email

TOP HEADLINES

  • Microsoft, Box Ink Yet Another Cloud Partnership (Fortune)On Tuesday, Box named Microsoft Azure as a "strate more...

  • CIOs Should Step Into the IoT Oversight Void (CIO)If you think your organization is taking oversight more...

  • Cisco, Apple Chiefs Discuss Further Partnership Opportunities (ZDNet)Cisco and Apple are looking to expand their partne more...

  • AWS to Open Hong Kong Region (Datacenter Dynamics)Amazon Web Services will open a cloud region in Ho more...

  • The App Economy Will be Worth $6 Trillion in Five Years Thanks to Mobile Commerce (Re/code)In five years, the app economy will be worth $6.3 more...

  • Fox Sports Pacts With Facebook to Live-Stream European Soccer Championships (Variety)Facebook has scored more live sports for its growi more...

  • IBM Landed a Big Win in the Race to Sell Blockchain to Wall Street (BI)IBM has been selected to build a new blockchain-ba more...

  • Want to Succeed at Data-Driven Transformation? Start Slow (Information Week)Data-driven transformation efforts often fail beca more...

  • Why the ‘As-A-Service’ Model Works So Well for Digital Transformation (Forbes)Digital transformation has a way of changing not j more...

  • The Top 3 Technologies Expected to Transform Business by 2020 (Salesforce Blog)AI is now ingrained in everything we do. Any of th more...

  • 7 Digital Trends that Will Change Business Forever (CMO)VR Now Just One Of The Gang: After the initial rus more...

  • Why ‘Peak TV’ is Further Away Than We Think (Fortune)How much tv is too much TV? A record 454 scripted more...


OUR MEMBERS