Save $200 thru 8/2 on Courses at SANS San Francisco Fall 2017.

Reading Room

SANS eNewsletters

Receive the latest security threats, vulnerabilities, and news with expert commentary

Data Protection

Featuring 6 Papers as of March 20, 2017

  • Cyber Security Trends: Aiming Ahead of the Target to Increase Security in 2017 Analyst Paper
    by John Pescatore - March 20, 2017 

    Attackers are always changing their methods, but some cybersecurity trends are clear--and identifying these trends will help security professionals plan for addressing these issues in the coming year. Attacks will continue, and many will be successful. While security professionals should try to prevent a breach, it's far more critical to uncover breaches quickly and mitigate damage. Another significant trend for 2017: expanding current security measures to better protect data in the cloud and to address the security shortcomings of the Internet of Things. Even while fighting daily security fires, security managers can expect boards of directors to show more interest in their efforts. Board members are keenly aware that breaches can be high-profile catastrophes for companies, and they are also concerned that the organizations they oversee are in compliance with new and more stringent regulations. This whitepaper covers the latest and best security hygiene and common success patterns that will best keep your organization off the "Worst Breaches of 2017" lists.


  • Preparing for Compliance with the General Data Protection Regulation (GDPR) A Technology Guide for Security Practitioners Analyst Paper
    by Benjamin Wright - March 7, 2017 

    The General Data Protection Regulation (GDPR) is the latest data security legislation in the European Union. When it goes into effect, it can apply widely to various organizations, including those without a physical presence in the European Union. What does this complex regulation mean and what does your organization need to do to comply? This paper explains these as well as how to identify a Data Protection Officer and what this person needs to know to be effective. It also provides a checklist for compliance with concise, practical information your organization can begin using now.


  • Back to Basics: Focus on the First Six CIS Critical Security Controls Analyst Paper
    by John Pescatore - January 24, 2017 

    Rather than a lack of choices in security solutions, a major problem in cyber security is an inability to implement mature processes - many organizations lack a defined and repeatable process for selecting, implementing and monitoring the security controls that are most effective against real-world threats. This paper explores how the Center for Internet Security (CIS) Critical Security Controls has proven to be an effective framework for addressing that problem.


  • Data Breach Impact Estimation STI Graduate Student Research
    by Paul Hershberger - January 3, 2017 

    Internal and External auditors spend a significant amount of time planning their audit processes to align their efforts with the needs of the audited organization. The initial phase of that audit cycle is the risk assessment. Establishing a firm understanding of the likelihood and impact of risk guides the audit function and aligns its work with the risks the organization faces. The challenge many auditors and security professionals face is effectively quantifying the potential impact of a data breach to their organization. This paper compares the data breach cost research of the Ponemon Institute and the RAND Corporation, comparing the models against breach costs reported by publicly traded companies by the Securities and Exchange Commission (SEC) reporting requirements. The comparisons will show that the RAND Corporation's approach provides organizations with a more accurate and flexible model to estimate the potential cost of data breaches as they relate to the direct cost of investigating and remediating a breach and the indirect financial impact associated with regulatory and legal action of a data breach. Additionally, the comparison indicates that data breach-related impacts to revenue and stock valuation are only realized in the short-term.


  • Keys to Effective Anomaly Detection by Matt Bromiley - October 25, 2016 

    Simply put, an anomaly is something that seems abnormal or doesn’t t within an environment. A car with ve driving wheels would be an anomaly. In the context of an enterprise network, an anomaly is very much the same—something that does not t or is out of place. While anomalies in an enterprise network may be indicative of a con guration fault, they are often evidence of something much more worrisome: a malicious presence on the network.


  • Data Breaches: Is Prevention Practical? Analyst Paper
    by Barbara Filkins - September 13, 2016 

    Despite the potential costs, legal consequences and other negative outcomes of data breaches, they continue to happen. A new SANS Institute survey looks at the preventive aspect of breaches – and what security and IT practitioners actually are, or are not, implementing for prevention.


Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

STI Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.