Community Blog

Vulnerability Focus: 2015 Verizon Data Breach Investigations Report (DBIR): Insights from Unit 42

by on ‎04-22-2015 01:45 PM - last edited on ‎05-09-2017 05:48 PM by (8,949 Views)

Verizon data breach investigations report

Today I will be introducing a new Community Feature:

Vulnerability Focus

Inside of the Vulnerability Focus, we will be talking about recent Threats or Vulnerabilities that have been discovered. Information that every Security Professional can use to help protect their networks.

 

This week I will be covering Scott Simkin's (from Unit 42) recent "2015 Verizon Data Breach Investigations Report (DBIR): Insights from Unit 42" blog.

 

Inside that blog, Scott talks about the results from the 2015 Verizon Data Breach Investigations Report (DBIR). Verizon's report includes several topics, including:

  • What effect does mobile malware have on data security?
  • How can you better estimate the financial impact of a data breach?

 

"The 2015 Verizon Data Breach Investigations Report (DBIR) represents the first time Palo Alto Networks has contributed data to this important publication, and we are proud to be part of an intelligence-sharing ecosystem that, in the end, raises the collective bar for everyone in the industry."

 

There are some interesting quotes from the report, here are a few:

“70 to 90% (depending on the source and organization) of malware samples are unique to a single organization.”

“In 70% of the attacks where we know the motive for the attack, there’s a secondary victim.”

“99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE was published.”

 

"The most common methods observed in these types of attack are:

Watering hole attacks (also known as strategic web compromise), where an organization’s website is infected with exploit code to try and infect visitors to their site.

DDoS attacks, where web servers or other high-bandwidth hosts are compromised and used in an attack on another target."

 

I would recommend that you read the Unit 42 article first. Then visit Verizon's page for more info. (Links are below)

 

To read the entire article, please click here:

http://researchcenter.paloaltonetworks.com/2015/04/2015-verizon-data-breach-investigations-report-db...

 

You can read the entire Report from Verizon Enterprise's web site here:

http://www.verizonenterprise.com/DBIR/2015/

 

There is even a short 3 minute video posted on Verizon's page about the report.

 

Thanks for reading.

Stay Secure!

Joe Delio

 

Vulnerability Focus: 4-22-2015

Ask Questions Get Answers Join the Live Community
Labels