Webinar: Prepare, Recognize, and Respond to Data Breaches

of 16
11 views
PDF
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Document Description
There are two types of companies: Those that have been breached, and those that don’t know they have been breached. Learn more now: http://www.verizonenterprise.com/DBIR/
Document Share
Document Transcript
  • 1. Prepare, Recognize, and Respond to Data Breaches October 30, 2014 Claudio Scarabello, Security Product Marketing, Panel Moderator Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 1
  • 2. PROPRIETARY STATEMENT This document and any attached materials are the sole property of Verizon and are not to be used by you other than to evaluate Verizon’s service. This document and any attached materials are not to be disseminated, distributed, or otherwise conveyed throughout your organization to employees without a need for this information or to any third parties without the express written permission of Verizon. © 2014 Verizon. All Rights Reserved. The Verizon name and logo and all other names, logos, and slogans identifying Verizon’s products and services are trademarks and service marks or registered trademarks and service marks of Verizon Trademark Services LLC or its affiliates in the United States and/or other countries. All other trademarks and service marks are the property of their respective owners. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 2
  • 3. Please advance to the next slide where you can watch the video. The total slide deck is available for your reference after the video. Thank you. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 3
  • 4. Today’s Panel of Speakers: Claudio Scarabello, Moderator A. Bryan Sartin, Managing Director, RISK Team • 20 years in the security industry • Testified in Congress on cyber threats • Filed numerous patents • More than 350 cyber investigations each year • Over 40 countries Cindy Stanton, Global Director, Security Product Management • 12 years in the security industry • Managed Security Services for thousands of customers • Leadership of Product Management, Marketing, Professional Services • Key role in acquisitions Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 4
  • 5. An Unprecedented Data Set 2014 Data Breach Investigations Report • 50 contributing organizations. • 63,000+ security incidents. • 1,367 confirmed data breaches. • 95 countries covered. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 5
  • 6. Incidents From All Over the World 95 The 2014 DBIR data set includes incidents targeting organizations in 95 countries, representing both large and small organizations, and 19 industry categories — from agriculture to professional services. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 6
  • 7. SIMPLIFYING THE UNIVERSE OF THREATS 2014 DATA BREACH INVESTIGATIONS REPORT POINT-OF-SALE INTRUSIONS PAYMENT CARD SKIMMERS 92 THE UNIVERSE OF THREATS MAY SEEM LIMITLESS, BUT 92% OF THE 100,000 INCIDENTS WE’VE ANALYZED FROM THE LAST 10 YEARS CAN BE DESCRIBED BY JUST NINE BASIC PATTERNS. PHYSICAL THEFT AND LOSS CRIMEWARE MISCELLANEOUS ERRORS DOS ATTACKS INSIDER MISUSE Conducted by Verizon with contributions from 50 organizations from around the world. WEB-APP ATTACKS CYBER-ESPIONAGE % EVERYTHING ELSE Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 7
  • 8. Nine Classification Patterns Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 8
  • 9. Threat Actor Motives SOURCE: VERIS COMMUNITY DATASET Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 9
  • 10. The Threat Landscape is Changing Cyber attacks happen faster and more often than ever—and they're harder to discover. SECONDS MINUTES MONTHS FREQUENCY Multiple attacks happen per second. * Source: Verizon 2014 Data Breach Investigations Report HOURS WEEKS COMPROMISE 87% of point-of-sale attacks compromised systems in minutes or less. DISCOVERY 62% of cyber-espionage breaches took months to discover. DAYS Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 10
  • 11. Cyber Incident Detection Security’s greatest weakness… SOURCE: VERIS COMMUNITY DATASET Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 11
  • 12. A More Intelligent Approach to Security Recognize Stop many attacks by breaking the attack chain, using: • Malware defenses • Constant monitoring • Actionable intelligence • Advanced threat detection Respond Mitigate impact quickly and effectively. • Incident response • Security guidance • Data recovery • Feedback to “prepare” stage Threat Intelligence Stop attacks early with good hygiene. • Limit appeal to attackers • Secure configurations • Vulnerability remediation • Least privilege • Leverage Verizon unique visibility on the network. • Aggregate from multiple, global sources • Identify attack indicators and behaviors • Apply intelligence to provide actionable context Prepare Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 12
  • 13. Comprehensive Risk Intelligence Approach Verizon RISK Intel & Research Public & Private Sources Verizon Managed Security Services Applied Intel Strategic Intelligence DBIR 60+ feeds Tactic Intel IOC Database Operational Intel SEAM Threat Intelligence Experts View Incidents & Attacks Large Selection of Security Vendors SOC Global Consultant Integration Services SOC Tactical Verizon Threat Library Team Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 13
  • 14. Solutions for Actionable Threat Analytics Advanced Threat Intelligence and Monitoring Service NetFlow Monitoring Advanced Threat Detection Traditional Managed Security Services Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 14
  • 15. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 15
  • 16. Conclusions and Next Steps • Read the Verizon Data Breach Investigations Report – www.verizonenterprise.com/DBIR • www.verizonenterprise.com/security • securitysolutionscontact@verizon.com • Prepare: Take appropriate steps to address vulnerabilities and strengthen defenses • Recognize: Implement measures to break the attack chain early • Respond: Know how to quickly reduce the impact of a suspect breach Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 16
  • Search Related
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks
    SAVE OUR EARTH

    We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

    More details...

    Sign Now!

    We are very appreciated for your Prompt Action!

    x