If you haven’t read the Verizon 2012 Data Breach Report, you may want to check it out. It contains a wealth of information on what’s going on in information security breaches. Here’s a link:
http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf
Some interesting tidbits:
Who’s behind data breaches:
- 98% came from external agents
- 4% implicated internal employees
- <1% committed by business partners
- 58% of all data theft tied to activist groups
How do breaches occur?
- 81% utilized some form of hacking
- 69% incorporated malware
- 10% involved physical attacks
- 7% employed social tactics
- 5% resulted from privilege misuse
Commonalities in attacks:
- 79% of victims were targets of opportunity
- 96% of attacks were not highly difficult
- 94% of all data compromised involved servers
- 85% of breaches took weeks or more to discover
- 92% of incidents were discovered by a 3rd party
- 96% of victims subject to PCI DSS had not achieved compliance