The Data Breach Digest is the latest report from the Verizon RISK team, the same team that publishes the Verizon Data Breach Investigations Report, more commonly known as the DBIR. The main idea behind the Data Breach Digest is to share knowledge about specific data breaches with the security community. It is a report that tells the story behind selected breaches: what happened, who did it, how it was discovered, how it was responded to, and what you can do to avoid ending up in the same situation. It is a must read for every information security professional.
How is the Data Breach Digest different from the Verizon Data Breach Investigations Report (DBIR)? The DBIR is about finding trends in the large amount of data that Verizon collects from many partners across the globe. The Data Breach Digest, on the other hand, takes readers closer to individual breaches. It covers only 18 breaches, but each of those 18 is discussed in detail.
Data Breach Patterns are Very Common
As the report notes, and contrary to what many people think, breaches are usually not unique; they follow very common patterns. Twelve of the eighteen breaches included in the digest correspond to patterns that cover about 60% of all breach cases recorded in the DBIR.
The other six cover the most "lethal" breaches: those that were either difficult to detect or stop, or that had a huge impact on the business.
To give you an idea of what you will find in the report, the first breach in the list involves a targeted social engineering attack. It describes how an employment offer sent to a chief design engineer through a social media site led to the loss of intellectual property, including the design of an innovative piece of construction equipment. Reading the story behind this breach, you will see how attackers trap people through social engineering, and why incident response is about more than tools and technologies: investigators need general investigative skills as well.
If you have incident response responsibilities, or you want to manage an information security program effectively, this report is for you. You will learn the techniques attackers are using and how to defend against similar attacks.
If there is one thing a reader should take away from the Data Breach Digest, it is the Attack-Defend Cards included in the report. Each of the eighteen breaches comes with a one-page summary called an Attack-Defend Card. The card summarizes the breach scenario (including its frequency and sophistication level), who the attackers are and what techniques they use, useful data about the incident, and how to defend against it.
A Tool for Security Awareness
The Data Breach Digest is also a great tool for security awareness programs. The Attack-Defend Cards can be used very effectively to raise awareness across both IT and non-IT audiences.
Want to know about the dangers of USB devices? There is a card for that! Partner misuse? There is a card for that! SQL injection? There is a card for that. You get the idea!
Relevance to Industry Sectors
Just like the DBIR, this report sheds light on the scenarios that a specific industry must pay attention to. If you are in manufacturing, transportation, utilities or professional services, pay special attention to cyber espionage. Accommodation, entertainment, retail or hotels? Point-of-sale (POS) intrusion is your biggest area of worry. Mining? Keep an eye on insiders. In short, you will find which of the breaches covered in this report are most relevant to your industry.
This report is a good read for the weekend, or for a long flight to a regional office on the other side of the continent. Enjoy, and share it with others!
The Data Breach Digest can be downloaded from the Verizon web site: http://www.verizonenterprise.com/verizon-insights/data-breach-digest/2016/