Apr 28 2009
The Verizon 2009 Data Breach Investigation Report is one of the most important articles to be posted to the Internet so far this year if you’re a security professional. Not only does it give us an honest view into what’s happening in real-world breaches, it gives us ammunition to take to management in the form of real numbers from data breaches and what caused them. Real-world numbers are always better than our suppositions when trying to prove something to management.
I got a chance to talk to Wade Baker, one of the primary authors of the Verizon report, last week at the RSA Conference. We talk about the Breach Investigation Report, how security professionals are using it, and the possibility that Verizon may be releasing their methodology so that other companies who respond to breaches can contribute to the statistics. Personally, I'd love to see a wider variety of breach information added to the statistics so we can see if the cases Verizon is being called in on are the norm or if there’s something anomalous about their experience. More data and better statistics can’t help but give us more ammunition to help secure our enterprises.