1. 2012 Data Breach
Investigations Report
A study conducted by the Verizon RISK Team with
cooperation from the Australian Federal Police, Dutch
National High Tech Crime Unit, Irish Reporting &
Information Security Service, Police Central e-Crime Unit,
and United States Secret Service.
2. Data Breach Investigations Report (DBIR) series
An ongoing study into the
world of cybercrime that
analyzes forensic evidence to
uncover how sensitive data is
stolen from organizations,
who’s doing it, why they’re
doing it, and, of course, what
might be done to prevent it.
Available at: http://verizonbusiness.com/databreach
Updates/Commentary: http://securityblog.verizonbusiness.com
4. Enterprise Solutions to Meet Business Imperatives
Communications Networking
IT Services Security Services Mobility
Services Services
• Cloud-based Services • Government, Risk and • Contact Center • Internet • Advanced
Compliance Services Communications
• Data Center Services • Private WAN
• Identity and Access • Unified • Applications and
• Managed Applications • Private Point to Point
Management Communications Content
• Managed IT • Access Services
• Managed Security • Video, Web and Audio • Global
• Equipment and Conferencing • Managed Networks Communications
• Equipment and
Services
Services • Traditional Voice • Equipment and • Hardware
• Professional Services Services
• ICSA Labs • Emergency • Mobile Data
Communications • Professional Services
• Professional Services • Voice and Messaging
Services
• Professional Services
• Equipment and
Services
RISK Team • Professional Services
falls here
6. Methodology: Data Collection and Analysis
• DBIR participants use the
Verizon Enterprise Risk and
Incident Sharing (VERIS)
framework to collect and
share data.
• Enables case data to be
shared anonymously to RISK
Team for analysis
VERIS is a (open and free) set of metrics designed to provide a common
language for describing security incidents (or threats) in a structured and
repeatable manner.
VERIS: https://verisframework.wiki.zoho.com/