CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Sloppy Security Faulted in Data Breach Study

A shocking 87 percent of the victims in a study of data breaches jointly conducted by Verizon and the U.S. Secret Service had evidence of the breach in their log files, yet missed it. According to the 2010 Verizon Data Breach Investigations Report, 60 percent of breaches were discovered by external parties, and then only after a considerable amount of time.

Most breaches were considered avoidable if security basics had been followed Only 4 percent of breaches assessed required difficult and expensive protective measures.

A shocking 87 percent of the victims in a study of data breaches jointly conducted by Verizon and the U.S. Secret Service had evidence of the breach in their log files, yet missed it. According to the 2010 Verizon Data Breach Investigations Report, 60 percent of breaches were discovered by external parties, and then only after a considerable amount of time.

Most breaches were considered avoidable if security basics had been followed Only 4 percent of breaches assessed required difficult and expensive protective measures.

The new report covers 900-plus breaches involving more than 900 million compromised records. Some of the key findings:2010 Verizon Data Breach Investigations Report

• Most data breaches investigated were caused by external sources. Sixty-nine percent of breaches resulted from these sources.

• Many breaches involved privilege misuse. Forty-eight percent of breaches were attributed to users who, for malicious purposes, abused their right to access corporate information.

• As in previous years, nearly all data was breached from servers and online applications.

• Meeting PCI-DSS compliance continues to be critically important. Seventy-nine percent of victims subject to the PCI-DSS standard hadn’t achieved compliance prior to the breach.

Financial services, hospitality and retail still comprise the “Big Three” of industries affected (33 percent, 23 percent and 15 percent, respectively).

Strict Security Crucial

Advertisement. Scroll to continue reading.

The report recommends strict adherence to basic security procedures as the key to avoiding daa breaches. These procedures include:

• Restricting and monitoring privileged users. The data from the Secret Service showed that there were more insider breaches than ever before. According to the report, the best preventive strategies for controlling insiders are pre-employment screening, limits on user privileges and separation of duties. Privileged use should be logged and messages detailing activity generated for management.

• Attention to “minor” policy violations. The study finds a correlation between seemingly minor policy violations and more serious abuse. Based on case data, the presence of illegal content on user systems or other inappropriate behavior is a reasonable indicator of a future breach. Actively searching for such indicators is recommended.

• Prevention of credential theft. Keeping credential-capturing malware off systems should priority No. 1. Two-factor authentication is recommended where appropriate.

• Monitoring and filtering outbound traffic. In many breaches, something (data, communications, connections) goes out externally via an organization’s network which, if prevented, could break the chain and stop the breach.

• Improving event monitoring and log analysis. Almost all victims of a breach have evidence of that breach in their logs. Ensuring that there are adequate resources to monitor these logs carefully reduces the risk of breach.

Verizon Data Breach Investigations Report 2010

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.