2016 Data Breach Investigations Report

Presentation transcript:

2016 Data Breach Investigations Report Understand what you’re up against. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. PTE16708

2016 DBIR Contributors

VERIS framework. Actor – Who did it? Action – How’d they do it? Asset – What was affected? Attribute – How was it affected?

Security incidents vs data breaches

2016 Data Breach Investigations Report Ninth edition. 2,260 analyzed breaches. 100K incidents. Data from 67 contributors. 82 countries.

The who, where and why.

Attackers are usually external to the victim’s organization. But you still need to be aware of the internal threat.

Threat Actors

Attackers are typically after the money. Financial: 80%. Espionage: 9%.

Actions over Time

Asset Type

How do they get in?

They’ve got the right credentials. 63% of confirmed data breaches involved leveraging a weak, default or stolen password.

Phishing still works. 30% of phishing messages were opened. 13% of targets went on to click the attachment or link.

100 seconds. On average, it takes less than 2 minutes for a phishing campaign to get its first open. And less than 4 minutes to get its first click.

The same old vulnerabilities exist. Most attacks exploit known vulnerabilities where a patch has been available for months, if not years. 85% of successful exploit traffic is from the top 10 vulnerabilities.

Many breaches share the same threat actions in the early stages of the attack. What happens next is determined by the attacker’s end game.

How quickly do they get in?

The detection deficit is growing.

Breach Discovery Method Over Time

What can you do?

86% of security incidents fit into just nine incident classification patterns.

Over 90% of breaches fit into just nine incident classification patterns.

Patterns by Industry

The Cost of a Breach by Cyber Insurance Payouts

Use the lessons learned from analyzing more than 2,000 confirmed data breaches. Read the 2016 DBIR: VerizonEnterprise.com/DBIR2016