Verizon 2013 Data Breach Investigations Report: First Impressions

If there is one word that summarizes the 2013 Verizon Data Breach Investigations Report released today, it’s breadth. Breadth among the contributing organizations, and breadth of the data. 19 different organizations contributed to the 2013 report, making for the most comprehensive Verizon DBIR data set to date. The sheer variety in the ways contributors organize [...]

By | April 23rd, 2013|Security|0 Comments

When Breaches Affect a Lot More than the Victim: How Much Security Is Enough?

Another report of a breach at a technology vendor much of the industry depends upon for security and trust; this time, Verisign. The most immediate concern about this incident was that the attacks in question occurred in 2010, and were not widely known until Reuters discovered the disclosure in the company’s reporting as required to [...]

By | February 3rd, 2012|Security|0 Comments

The 2011 Verizon Data Breach Investigations Report Deserves a Closer Look

2011 Verizon DBIR

It’s that time of year again, when the Verizon RISK Team blossoms forth with its latest, much-awaited Data Breach Investigations Report – and with a number of new and (to some) astonishing findings, the 2011 version did not disappoint (you can get it here). This year’s report, however, has some important subtleties that could easily [...]

By | April 20th, 2011|Security|3 Comments

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers

A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their [...]

By | March 22nd, 2011|Security|0 Comments

Verizon Publishes its VERIS Community Application

The Verizon RISK team have just published their VERIS community application. Structured on the VERIS (Verizon Enterprise Risk and Incident Sharing) framework, this application is a tool they have made available to extend to anyone the ability to contribute information on data breach incidents, to enrich the already considerable body of breach data Verizon has [...]

By | November 11th, 2010|Security|0 Comments
Load More Posts