Online fraud is still a big problem and as long as the number of online shoppers continues to grow, so will the
number of fraud cases. According to the European Central Bank there were 7.9 million cases of fraud with a value
of 1.16 billion euros in 2011 of which 56% took place in e-commerce.
European Merchant Services organizes the EMS RISK EVENT annually for retailers who are active in e-commerce
and multichannel. It is an excellent opportunity to increase your knowledge in the field of online fraud, risk
management and advanced fraud prevention and detection tools. We help you to stay ahead of online fraudsters
and to protect your online business by sharing the knowledge and experience of our fraud and risk experts, our
customers and our partners.
Do you want to attend next year’s EMS RISK EVENT?
Please contact the EMS Marketing Department at T +31 20 660 3054 or send an email to
marketing@emscard.com. For more information visit www.emscard.com/riskevent
Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement.
PCI Forensic Investigations
Presented by Ben Van Erck
EMEA RISK team
PROPRIETARY STATEMENT
© 2013 Verizon. All Rights Reserved. The Verizon and Verizon Business names and logos and all other names, logos, and slogans identifying Verizon’s products and services
are trademarks and service marks or registered trademarks and service marks of Verizon Trademark Services LLC or its affiliates in the United States and/or other countries.
All other trademarks and service marks are the property of their respective owners.
This document and any attached materials are the sole property
of Verizon and are not to be used by you other than to evaluate Verizon’s
service.
This document and any attached materials are not to be disseminated,
distributed, or otherwise conveyed throughout your organization to
employees without a need for this information or to any third parties
without the express written permission of Verizon.
INTRODUCTION
RISK Team: More than an acronym
RESEARCH
INVESTIGATIONS
SOLUTIONS
KNOWLEDGE
OUR TEAM
•Diverse investigator backgrounds
•Licensed private investigators
•Truly global coverage — 24x7
-Investigators based in 16 countries
-Forensic labs and evidence storage facilities
in America, Europe, and Asia-Pacific
•No subcontractors
•Global PFI Firm
OUR SERVICES
•IT investigative support (on-demand)
•Guaranteed response (retainer-based)
•eDiscovery and litigation support
•PCI forensic investigations
•Electronic data recovery/destruction
•Incident response training
•Mock-incident exercises
•Corporate IR program development
VERIZON RISK TEAM HAS INVESTIGATED 8 OUT OF 10
OF THE WORLD’S LARGEST DATA BREACHES
(http://www.idtheftcenter.com/)
RISK TEAM OVERVIEW
DATA BREACHES
The DBIR analyzes forensic evidence to
uncover how sensitive data is stolen from
organizations, who’s doing it, why they’re
doing it, and what can be done to prevent it.
VARIED MOTIVATIONS VARIED TACTICS
• Aim is to maximize disruption
and embarrass victims from
both public and private sector.
• Use very basic methods and are
opportunistic.
• Rely on sheer numbers.
• Motivated by financial gain, so
will take any data that might
have financial value.
• More calculated and complex in
how they choose their targets.
• Criminals are now trading
information for cash.
• Often state-sponsored.
• Driven to get exactly what they
want, from intellectual property
to insider information.
• Often state-sponsored, use most
sophisticated tools to commit
most targeted attacks.
• Tend to be relentless.
WHO ARE THE ATTACKERS?
THIS YEAR’S BIGGEST THREATS?
SAME AS LAST YEAR’S.
WHAT TO WORRY ABOUT
• Very few surprises, mostly variations on theme.
• 75% of breaches were driven by financial motives.
• 95% of espionage relied on
plain old phishing.
• Well-established threats
shouldn’t be ignored.
• The weak links haven’t changed much:
–Desktops 25%
–File servers 22%
–Laptops 22%
• Unapproved hardware accounts
for 43% of misuse cases.
WHAT DO ATTACKERS TARGET?
STILL THE TRADITIONAL ASSETS.
WHAT TO WORRY ABOUT
Difficulty of initial compromise
• In 84% of cases, initial compromise took hours or less.
WHAT TO WORRY ABOUT
QUICK TO COMPROMISE
SLOW TO DISCOVERY
• 66% of breaches went undiscovered for months…
… Or even years.
QUICK TO COMPROMISE
WHAT TO WORRY ABOUT
Discovery methods
RECOMMENDATIONS
ADDITIONAL INFORMATION
• Download DBIR – www.verizonenterprise.com/dbir
• Learn about VERIS - www.veriscommunity.net and http://github.com/vz-risk/veris
• Explore the VERIS Community Database:
http://public.tableausoftware.com/views/vcdb/Overview and learn more about this
data http://veriscommunity.net/doku.php?id=public
• Ask a question – DBIR@verizon.com
• Read our blog - http://www.verizonenterprise.com/security/blog/
• Follow on Twitter - @vzdbir and hashtag #dbir
PCI FORENSIC INVESTIGATIONS
WHAT ARE WE TRYING TO ACHIEVE?
GOALS OF A PFI INVESTIGATION
1) Mobilize and respond to the potential security breach and assist in efforts to mitigate
further damage;
2) Investigate the security breach and identify, to the extent possible, the source of the
security breach;
3) Ascertain, to the extent possible, any compromised cardholder data and provide
at-risk information to the respective owners to minimize any impact to the consumer
and customer;
4) Identify, to the extent possible, any other details of evidentiary value relative to the
security breach; and,
5) Transition, if and only as directed by the customer, any evidence and findings to law
enforcement.
WHAT IS EXPECTED OF YOU?
VICTIM RESPONSIBILITIES
1) Retaining evidence of compromise;
2) Hiring a PFI (list of approved PFIs on the PCI SSC website);
3) Cooperating with the PFI, acquirer, and/or Participating Payment Brand;
4) Allowing the PFI to drive the PFI Investigation;
5) Participating in discussions with affected Participating Payment Brands and the PFI;
6) Resolving any security weaknesses identified;
7) Notifying acquirers and Participating Payment Brands; and,
8) Notifying and working with law enforcement as applicable.
KEY DEADLINES
VICTIM RESPONSIBILITIES
Notification of the brands involved:
- “Immediately”
After notification that PFI is required:
-Identify PFI within five (5) business days;
-Ensure that the PFI is engaged within ten (10) business days; and
-The PFI must be onsite within five (5) business days.
Reporting:
-Preliminary Incident Response Report - five (5) business days;
-Final Incident Report - ten (10) business days;
-PIN Security Requirements Report - ten (10) business days;
-Monthly Status Reports
DBIR: www.verizon.com/enterprise/databreach
VERIS: www.veriscommunity.net/

(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
 
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home DeliveryPooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdf
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane  6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane  6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
Dharavi Russian callg Girls, { 09892124323 } || Call Girl In Mumbai ...
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
 

PCI forensic investigations

  • 2. Online fraud is still a big problem and as long as the number of online shoppers continues to grow, so will the number of fraud cases. According to the European Central Bank there were 7.9 million cases of fraud with a value of 1.16 billion euros in 2011 of which 56% took place in e-commerce. European Merchant Services organizes the EMS RISK EVENT annually for retailers who are active in e-commerce and multichannel. It is an excellent opportunity to increase your knowledge in the field of online fraud, risk management and advanced fraud prevention and detection tools. We help you to stay ahead of online fraudsters and to protect your online business by sharing the knowledge and experience of our fraud and risk experts, our customers and our partners. Do you want to attend next year’s EMS RISK EVENT? Please contact the EMS Marketing Department at T +31 20 660 3054 or send an email to marketing@emscard.com. For more information visit www.emscard.com/riskevent
  • 3. PCI Forensic Investigations. Presented by Ben Van Erck, EMEA RISK team. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement.
  • 4. PROPRIETARY STATEMENT © 2013 Verizon. All Rights Reserved. The Verizon and Verizon Business names and logos and all other names, logos, and slogans identifying Verizon’s products and services are trademarks and service marks or registered trademarks and service marks of Verizon Trademark Services LLC or its affiliates in the United States and/or other countries. All other trademarks and service marks are the property of their respective owners. This document and any attached materials are the sole property of Verizon and are not to be used by you other than to evaluate Verizon’s service. This document and any attached materials are not to be disseminated, distributed, or otherwise conveyed throughout your organization to employees without a need for this information or to any third parties without the express written permission of Verizon.
  • 5. INTRODUCTION
  • 6. RISK Team: More than an acronym. RESEARCH, INVESTIGATIONS, SOLUTIONS, KNOWLEDGE
  • 7. RISK TEAM OVERVIEW
      OUR TEAM
      - Diverse investigator backgrounds
      - Licensed private investigators
      - Truly global coverage — 24x7
          - Investigators based in 16 countries
          - Forensic labs and evidence storage facilities in America, Europe, and Asia-Pacific
      - No subcontractors
      - Global PFI Firm
      OUR SERVICES
      - IT investigative support (on-demand)
      - Guaranteed response (retainer-based)
      - eDiscovery and litigation support
      - PCI forensic investigations
      - Electronic data recovery/destruction
      - Incident response training
      - Mock-incident exercises
      - Corporate IR program development
      VERIZON RISK TEAM HAS INVESTIGATED 8 OUT OF 10 OF THE WORLD’S LARGEST DATA BREACHES (http://www.idtheftcenter.com/)
  • 8. DATA BREACHES
  • 10. The DBIR analyzes forensic evidence to uncover how sensitive data is stolen from organizations, who’s doing it, why they’re doing it, and what can be done to prevent it.
  • 11. WHO ARE THE ATTACKERS? VARIED MOTIVATIONS, VARIED TACTICS
      - Aim is to maximize disruption and embarrass victims from both public and private sector.
      - Use very basic methods and are opportunistic.
      - Rely on sheer numbers.
      - Motivated by financial gain, so will take any data that might have financial value.
      - More calculated and complex in how they choose their targets.
      - Criminals are now trading information for cash.
      - Often state-sponsored.
      - Driven to get exactly what they want, from intellectual property to insider information.
      - Often state-sponsored, use most sophisticated tools to commit most targeted attacks.
      - Tend to be relentless.
  • 12. WHAT TO WORRY ABOUT: THIS YEAR’S BIGGEST THREATS? SAME AS LAST YEAR’S.
      - Very few surprises, mostly variations on a theme.
      - 75% of breaches were driven by financial motives.
      - 95% of espionage relied on plain old phishing.
      - Well-established threats shouldn’t be ignored.
  • 13. WHAT TO WORRY ABOUT: WHAT DO ATTACKERS TARGET? STILL THE TRADITIONAL ASSETS.
      - The weak links haven’t changed much:
          - Desktops 25%
          - File servers 22%
          - Laptops 22%
      - Unapproved hardware accounts for 43% of misuse cases.
  • 14. Difficulty of initial compromise
  • 15. WHAT TO WORRY ABOUT: QUICK TO COMPROMISE
      - In 84% of cases, initial compromise took hours or less.
  • 16. WHAT TO WORRY ABOUT: QUICK TO COMPROMISE, SLOW TO DISCOVERY
      - 66% of breaches went undiscovered for months … or even years.
  • 17. Discovery methods
  • 19. ADDITIONAL INFORMATION
      - Download DBIR: www.verizonenterprise.com/dbir
      - Learn about VERIS: www.veriscommunity.net and http://github.com/vz-risk/veris
      - Explore the VERIS Community Database: http://public.tableausoftware.com/views/vcdb/Overview and learn more about this data: http://veriscommunity.net/doku.php?id=public
      - Ask a question: DBIR@verizon.com
      - Read our blog: http://www.verizonenterprise.com/security/blog/
      - Follow on Twitter: @vzdbir and hashtag #dbir
  • 20. PCI FORENSIC INVESTIGATIONS
  • 21. WHAT ARE WE TRYING TO ACHIEVE? GOALS OF A PFI INVESTIGATION
      1) Mobilize and respond to the potential security breach and assist in efforts to mitigate further damage;
      2) Investigate the security breach and identify, to the extent possible, the source of the security breach;
      3) Ascertain, to the extent possible, any compromised cardholder data and provide at-risk information to the respective owners to minimize any impact to the consumer and customer;
      4) Identify, to the extent possible, any other details of evidentiary value relative to the security breach; and,
      5) Transition, if and only as directed by the customer, any evidence and findings to law enforcement.
  • 22. WHAT IS EXPECTED OF YOU? VICTIM RESPONSIBILITIES
      1) Retaining evidence of compromise;
      2) Hiring a PFI (list of approved PFIs on the PCI SSC website);
      3) Cooperating with the PFI, acquirer, and/or Participating Payment Brand;
      4) Allowing the PFI to drive the PFI Investigation;
      5) Participating in discussions with affected Participating Payment Brands and the PFI;
      6) Resolving any security weaknesses identified;
      7) Notifying acquirers and Participating Payment Brands; and,
      8) Notifying and working with law enforcement as applicable.
  • 23. KEY DEADLINES: VICTIM RESPONSIBILITIES
      Notification of the brands involved:
      - “Immediately”
      After notification that PFI is required:
      - Identify PFI within five (5) business days;
      - Ensure that the PFI is engaged within ten (10) business days; and
      - The PFI must be onsite within five (5) business days.
      Reporting:
      - Preliminary Incident Response Report: five (5) business days;
      - Final Incident Report: ten (10) business days;
      - PIN Security Requirements Report: ten (10) business days;
      - Monthly Status Reports
  • 24. DBIR: www.verizon.com/enterprise/databreach
      VERIS: www.veriscommunity.net/