Learning From the Mistakes of Others Lessons From 855 Data Breaches in 2011
- Mark Goudie
- Thursday, October 18th, 6:30pm - 8:00pm
Data breaches continue to plague organizations worldwide. In 2011, 58% of the data stolen was attributed to hactivism, according to the annual 2012 Data Breach Investigations Report (DBIR) by Verizon. The new trend contrasts sharply with the data breach pattern of the past several years - during which the majority of attacks were carried out by cybercriminals whose primary motivation was financial gain. This change represents a significant change in the approach needed by defenders, as there are now three key groups we need to be prepared for.
Key findings included:
- 79% of the attacks represented in the report were opportunistic;
- 96% were not highly difficult, meaning they did not require advanced skills or extensive resources; and
- 97% of the attacks were avoidable, without the need for organisations to resort to difficult or expensive countermeasures.
The presentation will be a combination of statistics coloured by real world war stories from APAC and overseas to illustrate key points.
Mark Goudie is the Verizon Business managing principal for Investigative Response in Asia-Pacific and brings more than 20 years experience in IT to this role. He specializes in computer forensics, incident response, and e-Discovery. Goudie is a joint author of the Verizon Business Data Breach Investigations Report and is a regular speaker at industry conferences including AusCERT, OWASP, PCI DSS, Ruxcon, and the INTERPOL Information Security Conference.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
|Who's Watching the Watchers?||Mike Poor, SANS Senior Instructor||Thursday, October 11th, 6:30pm - 7:30pm||SANS@Night|
|Why Our Defenses Are Failing Us. One Click Is All It Takes...||Bryce Galbraith, SANS Certified Instructor||Tuesday, October 16th, 6:30pm - 8:30pm||SANS@Night|
|How to Do a Computer Forensic Investigation...and Not Get Burned!||Nick Klein||Wednesday, October 17th, 6:30pm - 7:30pm||SANS@Night|
|Learning From the Mistakes of Others Lessons From 855 Data Breaches in 2011||Mark Goudie||Thursday, October 18th, 6:30pm - 8:00pm||SANS@Night|