data breach « Scott Crawford

Verizon 2013 Data Breach Investigations Report: First Impressions

posted by Scott Crawford | April 23, 2013 | 0 Comments

2013dbir_img

If there is one word that summarizes the 2013 Verizon Data Breach Investigations Report released today, it’s breadth. Breadth among the contributing organizations, and breadth of the data. 19 different organizations contributed to the 2013 report, making for the most comprehensive Verizon DBIR data set to date. The sheer variety in the ways contributors organize...

Posted in Security Tags: data breach, Data-driven security, DBIR, Trends, Verizon

When Breaches Affect a Lot More than the Victim: How Much Security Is Enough?

posted by Scott Crawford | February 3, 2012 | 0 Comments

Another report of a breach at a technology vendor much of the industry depends upon for security and trust; this time, Verisign. The most immediate concern about this incident was that the attacks in question occurred in 2010, and were not widely known until Reuters discovered the disclosure in the company’s reporting as required to...

Posted in Security Tags: Comodo, data breach, DigiNotar, New School, RSA Security, Symantec, Verisign

The 2011 Verizon Data Breach Investigations Report Deserves a Closer Look

posted by Scott Crawford | April 20, 2011 | 3 Comments

2011 Verizon DBIR

It’s that time of year again, when the Verizon RISK Team blossoms forth with its latest, much-awaited Data Breach Investigations Report – and with a number of new and (to some) astonishing findings, the 2011 version did not disappoint (you can get it here). This year’s report, however, has some important subtleties that could easily...

Posted in Security Tags: data breach, Data-driven security, DBIR, Verizon

RSA SecurID Breach: The Arguments For-and Against-Soonest Disclosure

posted by Scott Crawford | March 23, 2011 | 0 Comments

This morning, friend shrdlu pointed out that RSA might indeed have entirely legitimate reasons for being so deliberate in avoiding a rush to disclose information about the breach of SecurID information: Guys, unless you’ve dealt with this from the executive seat before, you don’t know the other issues. She has a point. Like her, I...

Posted in Security Tags: data breach, EMC Corporation, RSA breach, RSA Security, SecurID

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers

posted by Scott Crawford | March 22, 2011 | 0 Comments

A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their...

Posted in Security Tags: data breach, HCIA, RSA breach, RSA Security, SecurID

Verizon Publishes its VERIS Community Application

posted by Scott Crawford | November 11, 2010 | 0 Comments

The Verizon RISK team have just published their VERIS community application. Structured on the VERIS (Verizon Enterprise Risk and Incident Sharing) framework, this application is a tool they have made available to extend to anyone the ability to contribute information on data breach incidents, to enrich the already considerable body of breach data Verizon has...

Posted in Security Tags: data breach, Information security, New School, risk management, Security, Verizon

Subscribe

Subscribe to the RSS feed for Scott Crawford

Desktop Reader Bloglines Google Live Netvibes Newsgator Yahoo! What's This?
Tags

Apple BI big data CCM Change management Cloud Cloud computing Data-driven security data breach DBIR Dell EMC Corporation Firewalls Hadoop Hardware virtualization HCIA IBM IDS Information security Intel intelligence Intrusion Detection Systems IT risk McAfee Mobile NetWitness Network security New School PDCA Privacy risk management RSA breach RSA Conference RSA Security SecurID Security Security as a Service Security management SIEM Trends Unified Threat Management Verizon Virtualization visibility Zettaset
- No public Twitter messages.
Blogroll
Archives
Recent Posts

More EMA Bloggers

Shawn Rogers
Julie Craig
John Myers
Jim Frey
Torsten Volk
Dennis Drogseth
Tracy Corbo
Steve Brasen
Dan Twing

EMA Blog Community

Verizon 2013 Data Breach Investigations Report: First Impressions

When Breaches Affect a Lot More than the Victim: How Much Security Is Enough?

The 2011 Verizon Data Breach Investigations Report Deserves a Closer Look

RSA SecurID Breach: The Arguments For-and Against-Soonest Disclosure

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers

Verizon Publishes its VERIS Community Application

Subscribe

Tags

Blogroll

Archives

Recent Posts

More EMA Bloggers