2009 DATA BREACH INVESTIGATIONS REPORT
A study conducted by Verizon Business
Brief by Hosam W. El Dakhakhni, CISSP, CISM, CISA, CIA, CGEIT
May 24, 2015
This brief will cover the following:
• My Conclusions
• Quick Facts
• Key Highlights
• Findings, Conclusions, and Countermeasures
• TVM - Doing More For Less
• Summary of Recommendations
• Q & A
QUICK FACTS
All results are based on firsthand evidence collected during 90 data breach investigations occurring in 2008 conducted by Verizon Business.
Only confirmed breaches are included (not “data-at-risk”).
Most of the statistics presented refer to the percentage of cases, the percentage of records breached, or simply the number of cases.
The authors make no claim that the findings of this report are representative of all data breaches in all organizations at all times.
KEY HIGHLIGHTS
Roughly 20 percent of cases involved more than one breach.
Nearly half of the caseload had distinct patterns and commonalities.
A little over 1/3 of the cases were made public (so far).
FINDINGS, CONCLUSIONS, AND COUNTERMEASURES
• Align process with policy
• Achieve “Essential” then worry about “Excellent”
• Secure Business Partner Connections
• Create a Data Retention Plan
• Control data with transaction zones
• Monitor event logs
• Create an Incident Response Plan
• Increase awareness
• Engage in mock incident testing
• Changing default credentials is key
• Avoid shared credentials
• User Account Review
• Application Testing and Code Review
• Smarter Patch Management Strategies
• Human Resources Termination Procedures
• Enable Application Logs and Monitor
Hosam W. El Dakhakhni, CISSP, CISM, CISA, CIA, CGEIT
Principal - R!SC
Visit us at www.it-risc.com
Contact us at [email protected]