Threat Report Urges Focus on Attack Patterns

 
 
 

Two themes emerge from Verizon's "2013 Data Breach Investigations Report." First, a substantial increase in the number of partners that contributed threat data—18 cyber-enforcement entities from around the world, up from just four a year earlier—appears to have brought more balance to the findings. Second, there are stronger patterns behind security breaches than previous reports had indicated. Specifically, more than two-thirds of all breaches investigated by Verizon fell into one of three categories: physical attacks on automated teller machines (ATMs); penetration techniques such as phishing, malware and hacking; and point-of-sale "smash-and-grab" attacks. "While some may argue that we are dealing with an intelligent and adaptive adversary, the data tells us that adaptation isn't necessary for many of these attackers," the report's authors write. "Treating our adversaries as random and unpredictable is counterproductive. We may be able to reduce the majority of attacks by focusing on a handful of attack patterns." The data set for this year's report represents more than 47,000 reported security incidents in 27 countries, including 621 confirmed data disclosures, 421 of which fell into one of the above-mentioned categories.

Threat Report Urges Focus on Attack Patterns

Profile of Victims 38% of breaches targeted larger organizations, 37% of breaches affected financial organizations, 24% of breaches occurred in retail stores or restaurants

Threat Report Urges Focus on Attack Patterns
 
 
Tony has been writing about technology and business for nearly 20 years and currently freelances from his home in the San Francisco Bay Area. Having spent the dot-com boom and bust years in Silicon Valley, he's had a front-row seat for the evolution of the technologies that have been the foundation of IT-powered business—from the growth of client/server computing, through the birth of the commercial Internet, to the emergence of cloud computing and social media. He has been a regular contributor to CIO Insight and Baseline Magazine since 2007, and he posts frequently on CIO Insight's BizTech 3.0 blog. A 1988 graduate of the University of Missouri-Columbia School of Journalism, Tony spends his spare time relaxing with his wife, playing with his two sons, tinkering around his home in Albany, Calif., and, when time allows, playing saxophone and traveling. His somewhat infrequent Twitter posts can be found at http://twitter.com/tkontzer.
 
 
 

Submit a Comment

Loading Comments...

Manage your Newsletters: Login   Register My Newsletters