Verizon offers glimpse of its 2011 security investigations

Verizon is offering a sneak peek of its upcoming Data Breach Investigations Report during the 2012 RSA Conference this week.

The Verizon 2011 Investigative Response Caseload Review is intended to serve as a preview to the report with more than just statistics but also plenty of caseloads and findings from security breaches that Verizon investigated itself last year.

All results are based on first-hand evidence collected during paid external forensic investigations of the 90 data breaches conducted by the Verizon RISK Team, and the study only covers incidents involving confirmed data compromise.

Those data breach investigations totaled 90 in 2011, with 92 percent of attacks found to be external in origin. Breaches remain a global phenomenon, but less than half of breaches originated in North America with the remainder split between Europe, the Middle East and the Asia-Pacific region.

Much like other state-of-security reports published in the last few months from the likes of Cisco and McAfee, among others, Verizon agrees that hacktivism and malware pose some of the biggest threats to security today.

In fact, Verizon found that these methods represented 99 percent of attacks in 2011.

Here's an explanation from the report:

If you’re thinking "sure, we might store most of our data in databases and file servers, but data has a tendency to scatter around to other types of devices too," you would, of course, be correct. For this reason, end-user devices are commonly exploited during breaches as well. Sometimes they’re the point from which data is taken, but more often, they provide a foothold into the organization from which the intruder stages the rest of an attack. An especially common scenario we’ve encountered involves the installation of a keylogger on a user device in order to steal said user’s credentials to an internal application server.

Set to be published this spring, Verizon's full Data Breach Investigations Report will analyze more than 850 breaches with data from five heavy-hitting law enforcement agencies: the U.S. Secret Service, the Dutch High Tech Crime Unit, the Irish Reporting and Information Service, the Australian Federal Police and the London Metropolitan Police.

Related:

• Symantec CEO: ‘Digital natives’ will change how we do business
• Netgear’s ProSecure platform helps SMBs manage social media
• Symantec partners with VMware, Salesforce.com on new security controls
• Cisco extends firewall platform with new context-aware measures
• Cisco taking more ‘integrated and holistic’ approach to network security
• EMC unveils security, risk management services portfolio at RSA 2012