Nearly nine in 10 corporate data breaches could have been prevented had reasonable security measures been in place, according to a report issued by Verizon (
News -
Alert) Business.
The 2008 Data Breach Investigations Report spans four years and more than 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches including three of the five largest ones ever reported.
This first-of-its-kind study, conducted by Verizon Business (
News -
Alert) Security Solutions investigative experts, also found that 73 percent of breaches resulted from external sources versus 18 percent from insider threats, and most breaches resulted from a combination of events rather than a single hack or intrusion.
“Security breaches and the compromise of sensitive information are very real and growing concerns for organizations worldwide,” says Dr. Peter Tippett, vice president of research and intelligence for Verizon Business Security Solutions.
Most data breaches investigated were caused by external sources, Verizon finds. Thirty-nine percent of breaches were attributed to business partners, a number that rose five-fold during the course of the period studied.
Most breaches resulted from a combination of events rather than a single action. Sixty-two percent of breaches were attributed to significant internal errors that either directly or indirectly contributed to a breach. For breaches that were deliberate, 59 percent were the result of hacking and intrusions.
Of those breaches caused by hacking, 39 percent were aimed at the application or software layer. Attacks to the application, software and services layer were much more commonplace than operating system platform exploits, which made up 23 percent.
Fewer than 25 percent of attacks took advantage of a known or unknown vulnerability. Significantly, 90 percent of known vulnerabilities exploited had patches available for at least six months prior to the breach.
Nine of 10 breaches involved some type of “unknown” including unknown systems, data, network connections and/or account user privileges. Additionally, 75 percent of breaches are discovered by a third party rather than the victimized organization and go undetected for a lengthy period.
Among the recommendations Verizon makes to enterprises, simple implementation is key. In 59 percent of data breaches, the organization had security policies and procedures established for the system, but these measures were never implemented.
It also is important to create a data retention plan. With 66 percent of all breaches involving data that a company did not even know was on their system, it’s critical that an organization knows were data flows and where it resides.
Data also should be controlled with transaction zones, walling off data when necessary.
Enterprise IT staffs also must monitor event logs. Evidence of events leading up to 82 percent of data breaches was available to the organization prior to actual compromise. But those logs have to be watched.
An incident response plan also is necessary. If and when a breach is suspected, the organization must be ready to respond, not only to stop the data compromise but to collect evidence that enables the business to pursue prosecution when necessary.
Only 14 percent of data breaches were discovered by employees of the victimized organization, even though employees are the first line of defense in safeguarding data, so obviously there is some education to be done.
Verizon also suggests mock-incident testing, where employees can test their responses.
Gary Kim (News - Alert) is a contributing editor for TMCnet. To read more of Gary’s articles, please visit his columnist page.
 Internet Protocol (IP) | X |
| IP stands for Internet Protocol, a data-networking protocol developed throughout the 1980s. It is the established standard protocol for transmitting and receiving data
in packets over the Internet. I...more |
SUBSCRIPTIONS
Activate Email 
TMCnet LOGIN
By 
