31 March 2013

A CONSOLIDATED VIEW ON DATA BREACHES IN 2012 - PART 1...

Google
It’s that time of year again where we try to make sense of all the new research and statistics. Today, I give you the Trustwave 2013 Global Security Report which analyses 400 data breach investigations (compared to 300 in 2011) across 29 countries (compared to 18 in 2011). Unsurprisingly, 96% of the breaches involved the theft of customer records (payment card data, PII, email addresses), compared to 89% in 2011. Closer to home, this is confirmed by the CIFAS Fraudscape report published in March 2013, where, whilst total fraud in the UK only showed a 5% increase since 2011, abuse of identity fraud increased by a whopping 17.1%, correlating to the Trustwave report showing that out off all client-side attacks observed, 61% targeted Adobe Reader users via malicious PDFs, clearly pointing to social engineering.

Trend alert...

In 2012, 78% of the case load (from 85.3% in 2011) originated from the Food & Beverage, Retail and Hospitality industries (see last year’s report), with notable increases in Financial Services and Not For Profit organisations (other):

 
Percentage of breaches per sector – Trustwave GSR 2013
Over the past few years, Food & Beverage and Retail have been almost interchangeable due to the similarity of their infrastructure, but it is good to note the overall reduction from 77.3% in 2011 to 69% in 2012 for both sectors. We are possibly starting to see better practices (better POS security architecture and encryption) in these industries, but criminals continue to focus on these due to the sheer volume of cards and PII they hold. This correlates to a significant rise in automation and persistency of attacks with targeted malware, specifically generic memory scraping which accounted for 49% of all cases for which the associated malware had identifiable data collection functionality (and that is also the whole point of the law suit Genesco filed against Visa). Also interestingly, in the cases where memory dumpers/ key loggers were used, malware operated undetected for an average of 18 months. Increased awareness of the need to secure stored information has also meant that 60% of data harvesting methods are aimed at data in transit.

New for 2012 is the increase in mobile malware with a huge 400%. However, very few of the Trustwave forensic samples involved mobile devices which points to a lack of visibility of mobile devices within organisations. Trustwave also list their top 10 mobile vulnerabilities, which I guess will further inform the proposed OWASP mobile top 10 currently in development.
Note: whilst in 2011 more than one-third of breached entities in Food and Beverage, Retail and Hospitality targeted businesses operating franchise models, the 2012 report case load doesn’t give any indication as to the evolution of this trend.

Who, me?... Or the case for incident response

In 2012, 76% of organisations were notified of breaches by external entities (Regulatory, Law Enforcement, Third Party, Public) compared to 84% in 2011:

Breach Detection - Trustwave GSR 2013
So does this mean that we’re getting better at incident response? Well, I think so on two counts:

Firstly, the March 2012 Symantec sponsored Ponemon Cost of a Data Breach Study (UK) seems to think so by highlighting that whilst the cost per compromised record increased from £71 in 2010 to £79 in 2011, the organisational costs decreased by 8% from £1.9M to £1.75M per breach suggesting that organisations have improved their performance in both preparing for and responding to a data breach (and the findings revealed that fewer records were being lost, with less customer churn). Other studies have found that the cost of a data breach is increasing, and this is perhaps symptomatic of the fact that attacks are now far more targeted. So while self-detection is improving, those that remain blissfully unaware (see earlier post) are facing higher costs to the increased sophistication of attack delivery and targetting. Criminals continue to automate the process of finding victims (through the identification of basic vulnerabilities) and extracting valuable data which lowers the cost of performing attacks, which in turn lowers the minimum yield for a victim to be of interest.

Secondly, whilst the average time from initial breach to detection was 7 months in 2012, the timeline from intrusion to containment has improved significantly over the previous year, with the majority of breaches being detected within 1 year, with 9% detected within 1 month (and even 5% within 10 days) as the chart below suggests:
Timeline of Intrusion to Containment - Trustwave GSR 2013
There are a few more goodies in the Trustwave GSR for this year, including email, passwords, third parties and some international perspectives, but I will leave that for the second part of this post.

Until next time...
neirajones

40 comments:

  1. Woah! I’m really digging the template/theme of this blog. It’s simple, yet effective. A lot of times it’s tough to get that “perfect balance” between superb usability and visual appearance. I must say you’ve done a great job with this. Also, the blog loads super quick for me on Opera. Outstanding Blog!
    la wedding venues

    ReplyDelete
  2. I admire this article for the well-researched content and excellent wording. I got so involved in this material that I couldn’t stop reading. I am impressed with your work and skill. Thank you so much. my review here

    ReplyDelete
  3. Thanks so much for this information. I have to let you know I concur on several of the points you make here and others may require some further review, but I can see your viewpoint. check out the post right here

    ReplyDelete
  4. Thanks so much for this information. I have to let you know I concur on several of the points you make here and others may require some further review, but I can see your viewpoint. check out the post right here

    ReplyDelete
  5. This is highly informatics, crisp and clear. I think that everything has been described in systematic manner so that reader could get maximum information and learn many things. Tableau Data Blending

    ReplyDelete
  6. This comment has been removed by the author.

    ReplyDelete
  7. I don t have the time at the moment to fully read your site but I have bookmarked it and also add your RSS feeds. I will be back in a day or two. thanks for a great site.
    data science certification malaysia

    ReplyDelete

  8. It has fully emerged to crown Singapore's southern shores and undoubtedly placed her on the global map of residential landmarks. I still scored the more points than I ever have in a season for GS. I think you would be hard pressed to find somebody with the same consistency I have had over the years so I am happy with that.
    data science training in noida

    ReplyDelete
  9. This comment has been removed by the author.

    ReplyDelete
  10. I just got to this amazing site not long ago. I was actually captured with the piece of resources you have got here. Big thumbs up for making such wonderful blog page!
    data science course in coimbatore

    ReplyDelete
  11. Such a very useful article. Very interesting to read this article.I would like to thank you for the efforts you had made for writing this awesome article.
    data science course in ecil

    ReplyDelete
  12. You re in point of fact a just right webmaster. The website loading speed is amazing. It kind of feels that you're doing any distinctive trick. Moreover, The contents are masterpiece. you have done a fantastic activity on this subject!data science course malaysia

    ReplyDelete
  13. Very impressive and interesting blog found to be well written in a simple manner that everyone will understand and gain the enough knowledge from your blog being more informative is an added advantage for the users who are going through it. Once again nice blog keep it up.

    360DigiTMG Artificial Intelligence Course

    ReplyDelete
  14. I'd love to thank you for the efforts you've made in composing this post. I hope the same best work out of you later on too. I wished to thank you with this particular sites! Thank you for sharing. Fantastic sites!
    360DigiTMG Data Science Course

    ReplyDelete
  15. This is a great post. This post gives a truly quality information. I am certainly going to look into it. Really very helpful tips are supplied here. Thank you so much. Keep up the great works
    360DigiTMG Data Science Training

    ReplyDelete
  16. Really nice and intriguing post. I was trying to find this sort of advice and appreciated reading this one. Keep posting. Thank you for sharing.
    360DigiTMG Data Science Training Institute in Bangalore

    ReplyDelete
  17. Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon. Big thanks for the useful info. hikedatabase.com/united-states/hiking-in-rhode-island/

    ReplyDelete
  18. Hello there, I sign on to your new stuff like each week. Your humoristic style is clever, keep it up
    data science courses in delhi

    ReplyDelete
  19. Very good points you wrote here..Great stuff...I think you've made some truly interesting points.Keep up the good work.
    360digitmg

    ReplyDelete
  20. I will very much appreciate the writer's choice for choosing this excellent article suitable for my topic. Here is a detailed description of the topic of the article that helped me the most.
    Data Science Institute in Bangalore

    ReplyDelete
  21. I am delighted to discover this page. I must thank you for the time you devoted to this particularly fantastic reading !! I really liked each part very much and also bookmarked you to see new information on your site.
    Data Science Course in Pune

    ReplyDelete
  22. Now is the perfect time to plan for the future and now is the time to be happy. I have read this article and if I can I want to suggest some interesting things or suggestions to you. Perhaps you could write future articles that reference this article. I want to know more!
    Data Science Training in Pune

    ReplyDelete
  23. Woohoo! It is an amazing and useful article. I really like. It's so good and so amazing. I am amazed. I hope you will continue to do your job in this way in the future as well.

    Data Analytics Course in Bangalore

    ReplyDelete
  24. Really, this article is truly one of the best in article history. I am a collector of old "items" and sometimes read new items if I find them interesting. And this one that I found quite fascinating and should be part of my collection. Very good work!
    Digital Marketing Course in Bangalore

    ReplyDelete
  25. Thanks, you for sharing this unique useful information content with us. Really awesome work. keep on blogging.
    AWS Training in Hyderabad
    AWS Course in Hyderabad

    ReplyDelete
  26. I just got to this amazing site not long ago. I was actually captured with the piece of resources you have got here. Big thumbs up for making such wonderful blog page!
    data science training in malaysia

    ReplyDelete
  27. You have completed certain reliable points there. I did some research on the subject and found that almost everyone will agree with your blog.

    Data Analytics Course in Bangalore

    ReplyDelete
  28. You re in point of fact a just right webmaster. The website loading speed is amazing. It kind of feels that you're doing any distinctive trick. Moreover, The contents are masterpiece. you have done a fantastic activity on this subject! cloud computing training institute in gurgaon

    ReplyDelete
  29. Great Information sharing .. I am very happy to read this article .. thanks for giving us go through info.Fantastic nice. I appreciate this post.
    data science training in malaysia

    ReplyDelete
  30. Very good message. I came across your blog and wanted to tell you that I really enjoyed reading your articles.


    Data Scientist Training and Placement Bangalore

    ReplyDelete
  31. Very good message. I came across your blog and wanted to tell you that I really enjoyed reading your articles.

    Data Science Course in Nashik

    ReplyDelete
  32. Well we really like to visit this site, many useful information we can get here.
    full stack developer course

    ReplyDelete
  33. This is a wonderful article, Given so much info in it, These type of articles keeps the users interest in the website, and keep on sharing more ... good luck.
    data science course in malaysia

    ReplyDelete
  34. It's like you've got the point right, but forgot to include your readers. Maybe you should think about it from different angles.


    Data Analytics Course in Nashik

    ReplyDelete
  35. I am another customer of this site so here I saw various articles and posts posted by this site,I curious more energy for some of them trust you will give more information further.

    ReplyDelete
  36. 360DigiTMG, the top-rated organisation among the most prestigious industries around the world, is an educational destination for those looking to pursue their dreams around the globe. The company is changing careers of many people through constant improvement, 360DigiTMG provides an outstanding learning experience and distinguishes itself from the pack. 360DigiTMG is a prominent global presence by offering world-class training. Its main office is in India and subsidiaries across Malaysia, USA, East Asia, Australia, Uk, Netherlands, and the Middle East.

    ReplyDelete
  37. 360DigiTMG is the most recommended Data Science course institute in Chennai. Get trained by top professionals from IIT, IIM and, ISB. Enroll now!
    business analytics course in bhubaneswar

    ReplyDelete