Verizon Business Releases Trailblazing Data-Breach Study Spanning 500 Forensic Investigations - Via Verizon Business News:

Key Findings Indicate 87 Percent of Breaches Avoidable through Reasonable Security Measures Businesses Urged to Be Proactive

June 11, 2008

BASKING RIDGE, N.J. – Nearly nine in 10 corporate data breaches could have been prevented had reasonable security measures been in place, according to a comprehensive report issued today by Verizon Business. The study also provides key recommendations to help businesses protect themselves and urges them to be proactive.

The “2008 Data Breach Investigations Report” spans four years and more than 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches including three of the five largest ones ever reported. This first-of-its-kind study, conducted by Verizon Business Security Solutions investigative experts, also found that 73 percent of breaches resulted from external sources versus 18 percent from insider threats, and most breaches resulted from a combination of events rather than a single hack or intrusion.

“Security breaches and the compromise of sensitive information are very real and growing concerns for organizations worldwide,” said Dr. Peter Tippett, vice president of research and intelligence for Verizon Business Security Solutions. “This report can help companies better understand data breaches – how they occur and the commonalities that exist. Most importantly, it urges organizations to be proactive in their approach to security -- the absolute key to safeguarding data.”

Key Findings Examine Basic Security Tenets

Some of the findings may be contrary to widely held beliefs, such as that insiders are responsible for most breaches. Key findings include:

• Most data breaches investigated were caused by external sources. Thirty-nine percent of breaches were attributed to business partners, a number that rose five-fold during the course of the period studied.
• Most breaches resulted from a combination of events rather than a single action. Sixty-two percent of breaches were attributed to significant internal errors that either directly or indirectly contributed to a breach. For breaches that were deliberate, 59 percent were the result of hacking and intrusions.
• Of those breaches caused by hacking, 39 percent were aimed at the application or software layer. Attacks to the application, software and services layer were much more commonplace than operating system platform exploits, which made up 23 percent. Fewer than 25 percent of attacks took advantage of a known or unknown vulnerability. Significantly, 90 percent of known vulnerabilities exploited had patches available for at least six months prior to the breach.
• Nine of 10 breaches involved some type of “unknown” including unknown systems, data, network connections and/or account user privileges. Additionally, 75 percent of breaches are discovered by a third party rather than the victimized organization and go undetected for a lengthy period.
• In the modern organization, data is everywhere and keeping track of it is an extremely complex challenge. The fundamental principle, however, is quite simple – if you don’t know where data is, you certainly can’t protect it.

(Read Original Article - Via Verizon Business News.)