Download: Verizon 2013 Data Breach Investigations Report

Download: Verizon 2013 Data Breach Investigations Report: The 2013 DBIR combines the expertise of 19 organizations from around the globe. Download the report to discover stats that might surprise you—from the percentage of espionage-related attacks to the astonishing length of time it often takes to spot a security breach.


Executive Summary 2013 Data Breach Investigations Report

Verizon’s 2013 Data Breach Investigations Report (DBIR) provides truly global insights into the nature of data breaches that can help organizations of all sizes to better understand the threat and take the necessary steps to protect themselves. The breadth and depth of data represented in this year’s DBIR is unprecedented. It combines the efforts of 19 global organizations: law enforcement agencies, national incident-reporting entities, research institutions, and a number of private security firms — all working to study and combat data breaches.

Over the years the number of contributors has grown. Since we started publishing the DBIR in 2008, our partners have contributed data information on more than 2,500 confirmed data breaches — totaling more than a billion compromised records.

How can we turn all that raw data into information that you can use? The answer is VERIS, the Vocabulary for Event Recording and Incident Sharing. VERIS is a common, structured and repeatable language that describes who did what, to whom, with what result. By classifying all the information regarding the submitted breaches into this standardized format we can extract meaningful insight from what is an incredibly diverse dataset. You can find out more about VERIS at veriscommunity.net.

We’ll leave you with eight key recommendations:

• Eliminate unnecessary data; keep tabs on what’s left.

• Perform regular checks to ensure that essential controls are met.

• Collect, analyze and share incident data to create a rich information source that can drive security program effectiveness.

• Collect, analyze and share tactical threat intelligence, especially indicators of compromise (IOCs), that can greatly assist defense and detection.

• Without de-emphasizing prevention, focus on better and faster detection through a blend of people, processes, and technology.

• Regularly measure things like “number of compromised systems” and “mean time to detection”, and use these numbers to drive better practices.

• Evaluate the threat landscape to prioritize a treatment strategy. Don’t buy into a “one-size-fits-all” approach to security.

• Don’t underestimate the tenacity of your adversaries, especially espionage