Observations on the 2013 Verizon Data Breach Investigations Report

Rick Holland

I was very excited to finally get a copy of the much-anticipated 2013 Verizon Data Breach Investigations Report (DBIR.)  I have found the report to be valuable year after year.  This is the 6th iteration and this year’s report includes 621 confirmed data breaches, as well as over 47,000 reported security incidents.  18 organizations from across the globe contributed to the report this year.  The full report is 63 pages, and I have to say that Wade Baker and company did a great job making it an enjoyable read. I enjoyed the tone, and I found myself laughing several times as I read through it (Laughing and infosec aren't commonly said in the same breath.)  There are tons of great references as well, ranging from NASCAR, to Biggie Smalls, the Violent Femmes and more.  The mantra of this year’s report is “Understand Your Adversary’ is Critical to Effective Defense and Response.”   Here are a few observations: 

The focus on the adversary answers customer questions.  Who is the adversary? This is a frequent question from Forrester clients.  The Mandiant APT1 report stirred up much debate on state sponsored actors and Verizon's data and analysis gives us more perspective on this class of threat actor. The first table in the report profiles the threat actors that are targeting organizations.  It provides a high level view that I suggest you include in any type of executive engagement activity you participate in.  This 3rd party snapshot of the threat actors should resonate with a wide degree of audiences.

Read more

The Forrester Wave: Email Content Security

Rick Holland

It is with great pleasure that I announce the completion of my first Forrester Wave™: Email Content Security, Q4 2012. I’d like to thank the research associates (Jessica McKee and Kelley Mak) who assisted me with this project. We performed a 47-criteria evaluation of nine email content security vendors. Given my background as a practitioner and solutions engineer, one of the key requirements to participate was unsupervised access to a demo environment. I had access to the environments throughout the evaluation process and found them to be a great option for validating features and “getting to know” the user interfaces. Here are some of the key findings:  

Email security is a critical component of your portfolio
Email is a key component of business processes within enterprises and must be secured. Despite the fact that email security is low on the spending priority list, it’s critical that organizations safeguard email. Email is a popular attack vector for targeted attacks, and HIPAA and PCI mandate that emails containing confidential data be secured.
 
Advanced capabilities differentiate vendor offerings
Vendors are delivering enhanced capabilities in response to the threat and compliance landscape. Big data analytics are leveraged to combat targeted attacks. Encryption capabilities have been improved and simplified. Channel DLP is now robust and feature-rich.
 
The delivery model is shifting
Read more