Archive for June, 2008

Dampened Countermeasure Effectiveness

Monday, June 23rd, 2008

By Peter Tippett and Wade Baker

Studies are useful to help us to learn what works and what does not. Studies of other’s experiences, such as The Verizon Business 2008 Data Breach Investigations Report, are especially instructive. But most of us crave to actually understand why events play out as they do, and to be able to accurately predict what the results of those studies will be. Risk models can be very useful in driving our understanding.

(more…)

Tags: , , , ,
Posted in Analysis | No Comments »

Bryan Sartin on the Data Breach Investigations Report

Friday, June 20th, 2008

Bryan Sartin, Director of Investigative Response for Verizon Business Security Solutions, was recently interviewed by Michael Johnson at PodTech. Visit the links below to listen.

(more…)

Tags: , , , ,
Posted in Announcements | No Comments »

I Was an Anti-MSS Zealot

Tuesday, June 10th, 2008

I used to think that Intrusion Detection Systems (IDS) and Managed Security Services (MSS) were a waste of time. After all, most attacks that I had worked on began, and were over, within seconds, and were typically totally automated. In my mind, an IDS alarm going off, or getting a call from the SOC operator, would be like the captain of a ship getting an alarm such as: “Captain, a torpedo passed through engines #2 and #3, and exited the starboard flank. We will be sinking in seven minutes.”

But the Verizon Business 2008 Data Breach Investigations Report tells a very different story.

(more…)

Tags: , , , ,
Posted in Studies & Whitepapers | No Comments »