Welcome to The UltraTech Zone Sign in | Join | Help

Talking Out Loud with ASB

Views on Life, Technology and Everything, by ASB (aka Logik!)...

My Profile

Andrew S. Baker (ASB)

News

  • Platform: CS v2.1 SP2...

    Get a FREE phishing filter for your domain!

    Who links to my website?

    Pando Pro

The State of Data Breaches in 2010

Data BreachI had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG.  They’ve put together data from 2004 through 2009, and it is quite interesting.

These are from confirmed data breach cases.

Here were 3 of the scariest stats in the document:

  • 86% of victims had evidence of the breach in their log files
  • 96% of breaches were avoidable through simple or intermediate controls
  • 79% of victims subject to PCI DSS had not achieved compliance

In short, 4 out of 5 organizations that were supposed to be compliant with one particular regulation were not.  They were infiltrated through easily avoidable situations, and the evidence of their compromise was sitting right in their own logs, but not discovered by them.

That is a sad state of affairs…

All is not lost, however.  The report did have a few bright notes.  Please take some time to review it when you can.

Share Post:
Posted: Friday, July 30, 2010 12:14 AM by Logik!

Comments

BrainWave Technology Tidbits said:

I had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG

# July 30, 2010 12:54 AM
Anonymous comments are disabled

About Logik!

Andrew S. Baker aka ASB aka Logik!

Andrew S. Baker is a business-savvy, hands-on IT leader with expertise in mentoring people, mitigating risk, and integrating technology to drive innovation and maximize business results. He creates competitive advantage for organizations through effective IT leadership: implementation of processes and controls, and architecture of robust business solutions.

Mr. Baker has successfully led a number of high-performance technology teams in designing, deploying and maintaining secure, cost-effective computing environments for well-known companies, including Warner Music Group, The Princeton Review, Bear Stearns, About.com, and Lewco Securities.

For over a decade, Andrew has exhibited thought leadership on technology and business topics via mailing lists, technical forums, blogs, and professional networking groups, along with contributions to podcasts, webinars, and over 20 technical/business magazine articles. He also serves on several boards and committees for non-profit organizations, and within the Seventh-day Adventist church.

His personal interests include Astronomy, Basketball, Bible Study, Chess, Comics, Computers, Family Life Ministries, Reading, Strategy/Role Playing games, and Professional Networking...

A summary of Andrew's current résumé is available here, and he can be reached on a variety of social and professional networks, including LinkedIn, Facebook and Twitter.