SlideShare a Scribd company logo

V

Tino Cionni
Tino Cionni

bla bla bla

TechnologyNews & Politics
1 of 17
V erizon 2 0 11 Investigative Response (IR) Caseload Review
Data collection methodology Publication includes only incidents involving confirmed data compromise 90 data breach investigations Verizon Enterprise Risk and Incident Sharing (VERIS) framework to record case data • https://www2.icsalabs.com/veris
Demographics Lost largest amount of data 1)Information and Manufacturing industries 2)Financial sectors 3)Accommodation and Food Service Size of organizations Ranged from less than 100 to over 100,000 employees
Threat Agents VERIS recognizes three categories of agents 1)External 2)Internal 3)Partner Motives » 1)Financial gain » 2)Hacktivism (acts of protest and retaliation) » 3)Disgruntled former employees » Geographic origin of attacks » 1)EMEA » 2)Americas » 3)APAC
Threat agents over time by percent of breaches
Threat Actions 1 Categories Hacking Malware Social Misuse Physical Error Environmental
Threat Actions 2 99% of all stolen data involved the use of some form of hacking and malware Social tactics: half of all data loss
Threat Actions 3 Hacking and malware are the leaders in the field of data compromise because: Afford the attacker many advantages, including: Remote access Relatively easy automation Anonymity Easy getaway
Top 10 threat action varieties by number of breaches that occurred in 2011
Assets 1 Organizations Server • point-of-sale servers (POS) • web/application servers • database servers • End Users Desktops Laptop Point-of-sale terminals
ASSETS 2 What to steal? Data Payment cards Personal information (PII) Authentication credentials Trade secrets Copyrighted information
Timeframes and methods of breach discovery Time it took organizations to discover they had been the victim of a breach • 60% of cases it took months or years to figure this out • Discovery External party detected over two-thirds of breaches
Breach discovery timeframe by percent of records
Created by XFORCETEAM
About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainly devoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
XFORCETEAM Contact us: xforceteam@webprog.net www.xforceteam.com https://twitter.com/XForceTeam http://www.facebook.com/pages/XForceTeam/353616747996041 http://www.youtube.com/user/WebProgNet and more …

Recommended

Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Vivek Mishra
 
Raimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksRaimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksGraeme Wood
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 

Recommended

Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Top Cloud Security Risks of 2020
Top Cloud Security Risks of 2020Vivek Mishra
 
Raimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksRaimund genes from traditional malware to targeted attacks
Raimund genes from traditional malware to targeted attacksGraeme Wood
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Latest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsLatest Top 10 Types of Cyber Security Threats
Latest Top 10 Types of Cyber Security ThreatsB R SOFTECH PVT LTD
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017PaladionNetworks01
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Netpluz Asia Pte Ltd
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omarzakuan zolkefly
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsCareer Communications Group
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
Information security
Information securityInformation security
Information securityAppin Faridabad
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportCommunity IT Innovators
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016Sal Rodriguez
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYharsh arora
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Cyber
CyberCyber
Cyberwindows21
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019Omar Bshara
 
Presentation play
Presentation playPresentation play
Presentation playkathleenchina
 
61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013GE Grid Solutions
 

More Related Content

What's hot

Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017PaladionNetworks01
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysisdadkhah077
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Netpluz Asia Pte Ltd
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omarzakuan zolkefly
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsCareer Communications Group
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016Sal Rodriguez
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsLacoon Mobile Security
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019Omar Bshara
 

What's hot (20)

Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling Access
 
Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017Strategies to Combat New, Innovative Cyber Threats - 2017
Strategies to Combat New, Innovative Cyber Threats - 2017
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior Analytics
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An AnalysisSecurity Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis
 
Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™ Cyber Risk Management in the New Digitalisation Age - eSentinel™
Cyber Risk Management in the New Digitalisation Age - eSentinel™
 
CYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku OmarCYBER SECURITY THREATS - Polytechnic Ungku Omar
CYBER SECURITY THREATS - Polytechnic Ungku Omar
 
Managing Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the ExpertsManaging Cyber Threats: A Cyber Security Conversation with the Experts
Managing Cyber Threats: A Cyber Security Conversation with the Experts
 
Digital Security
Digital Security Digital Security
Digital Security
 
The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard Raphael
 
Information security
Information securityInformation security
Information security
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident Report
 
ransomware_infographic-6-2016
ransomware_infographic-6-2016ransomware_infographic-6-2016
ransomware_infographic-6-2016
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020
 
Cyber
CyberCyber
Cyber
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoS
 
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM SolutionsIPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions
 
Cyber Security Report 2019
Cyber Security Report 2019Cyber Security Report 2019
Cyber Security Report 2019
 

Viewers also liked

61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013GE Grid Solutions
 
UVA-Wise
UVA-WiseUVA-Wise
UVA-Wisedch2x
 
я оля мартиневич
я оля мартиневичя оля мартиневич
я оля мартиневичVasyl' Pidhirs'kyi
 
Rita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino AccomplishmentsRita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino Accomplishmentsrpmbonnici
 
Salvation army finalized
Salvation army finalizedSalvation army finalized
Salvation army finalizedkathleenchina
 
Props final
Props finalProps final
Props finalmbonnett
 
61850IMU Substation Recorder
61850IMU Substation Recorder61850IMU Substation Recorder
61850IMU Substation RecorderGE Grid Solutions
 
Amazon - L'empire caché
Amazon - L'empire cachéAmazon - L'empire caché
Amazon - L'empire cachéGuillon Reno
 
Black history from another angle
Black history from another angleBlack history from another angle
Black history from another anglejanetcheathambell
 
Limelight Staged Homes
Limelight Staged HomesLimelight Staged Homes
Limelight Staged Homessharonlime
 
行銷活動作品
行銷活動作品行銷活動作品
行銷活動作品zoe0812
 
61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & SystemsGE Grid Solutions
 
Internet programciligi-2
Internet programciligi-2Internet programciligi-2
Internet programciligi-2major5
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad ReviewsGlassdoor
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x TechnologyWebVisions
 

Viewers also liked (19)

Presentation play
Presentation playPresentation play
Presentation play
 
61850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 201361850 IMU Substation Recorder 2013
61850 IMU Substation Recorder 2013
 
UVA-Wise
UVA-WiseUVA-Wise
UVA-Wise
 
Michael amaya
Michael amaya Michael amaya
Michael amaya
 
я оля мартиневич
я оля мартиневичя оля мартиневич
я оля мартиневич
 
Rita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino AccomplishmentsRita P M Bonnici Borsellino Accomplishments
Rita P M Bonnici Borsellino Accomplishments
 
Salvation army finalized
Salvation army finalizedSalvation army finalized
Salvation army finalized
 
Props final
Props finalProps final
Props final
 
61850IMU Substation Recorder
61850IMU Substation Recorder61850IMU Substation Recorder
61850IMU Substation Recorder
 
Amazon - L'empire caché
Amazon - L'empire cachéAmazon - L'empire caché
Amazon - L'empire caché
 
Black history from another angle
Black history from another angleBlack history from another angle
Black history from another angle
 
Limelight Staged Homes
Limelight Staged HomesLimelight Staged Homes
Limelight Staged Homes
 
行銷活動作品
行銷活動作品行銷活動作品
行銷活動作品
 
61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems61850easy Test Tool for IEC 61850 Networks & Systems
61850easy Test Tool for IEC 61850 Networks & Systems
 
Manual
ManualManual
Manual
 
61850easy Test Tool 2013
61850easy Test Tool 201361850easy Test Tool 2013
61850easy Test Tool 2013
 
Internet programciligi-2
Internet programciligi-2Internet programciligi-2
Internet programciligi-2
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad Reviews
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x Technology
 

Similar to V

Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response ManagementDon Caeiro
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat FireEye, Inc.
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewdr_edw777
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security ProtectionShawn Crimson
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfJenna Murray
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxRoshni814224
 
Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the NumbersRecorded Future
 
LIS3353 SP12 Week 9
LIS3353 SP12 Week 9LIS3353 SP12 Week 9
LIS3353 SP12 Week 9Amanda Case
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data securityKeith Braswell
 

Similar to V (20)

Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk Management
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response Management
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat M-Trends® 2012: An Evolving Threat
M-Trends® 2012: An Evolving Threat
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overview
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security Protection
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdfCYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
 
Threat Intelligence by the Numbers
Threat Intelligence by the NumbersThreat Intelligence by the Numbers
Threat Intelligence by the Numbers
 
LIS3353 SP12 Week 9
LIS3353 SP12 Week 9LIS3353 SP12 Week 9
LIS3353 SP12 Week 9
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data security
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

V

  • 1. V erizon 2 0 11 Investigative Response (IR) Caseload Review
  • 2. Data collection methodology Publication includes only incidents involving confirmed data compromise 90 data breach investigations Verizon Enterprise Risk and Incident Sharing (VERIS) framework to record case data • https://www2.icsalabs.com/veris
  • 3. Demographics Lost largest amount of data 1)Information and Manufacturing industries 2)Financial sectors 3)Accommodation and Food Service Size of organizations Ranged from less than 100 to over 100,000 employees
  • 4. Threat Agents VERIS recognizes three categories of agents 1)External 2)Internal 3)Partner Motives » 1)Financial gain » 2)Hacktivism (acts of protest and retaliation) » 3)Disgruntled former employees » Geographic origin of attacks » 1)EMEA » 2)Americas » 3)APAC
  • 5. Threat agents over time by percent of breaches
  • 6. Threat Actions 1 Categories Hacking Malware Social Misuse Physical Error Environmental
  • 7. Threat Actions 2 99% of all stolen data involved the use of some form of hacking and malware Social tactics: half of all data loss
  • 8. Threat Actions 3 Hacking and malware are the leaders in the field of data compromise because: Afford the attacker many advantages, including: Remote access Relatively easy automation Anonymity Easy getaway
  • 9. Top 10 threat action varieties by number of breaches that occurred in 2011
  • 10. Assets 1 Organizations Server • point-of-sale servers (POS) • web/application servers • database servers • End Users Desktops Laptop Point-of-sale terminals
  • 11. ASSETS 2 What to steal? Data Payment cards Personal information (PII) Authentication credentials Trade secrets Copyrighted information
  • 12. Timeframes and methods of breach discovery Time it took organizations to discover they had been the victim of a breach • 60% of cases it took months or years to figure this out • Discovery External party detected over two-thirds of breaches
  • 13. Breach discovery timeframe by percent of records
  • 14.
  • 16. About XFORCETEAM XForceTeam is an independent group of researchers whose work is mainly devoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
  • 17. XFORCETEAM Contact us: xforceteam@webprog.net www.xforceteam.com https://twitter.com/XForceTeam http://www.facebook.com/pages/XForceTeam/353616747996041 http://www.youtube.com/user/WebProgNet and more …