Bryan Sartin's keynotes on day-two of RSA Conference
by Nilesh Pritam
Bryan Sartin's keynote on day two of the RSA Conference in Singapore has a little bit of everything - statistics, pictures, stories. The major takeaway? The fact that it continues to take organizations up to a staggering seven months to detect a breach, on average. Verizon's lead forensics investigator goes further concluding that almost two-thirds of victims don't even know when they've been breached.
"Security's greatest weakness is incidence detection," Bryan stressed. "If and when an incident is detected, victims often think that they're the only ones breached."
Based on Verizon's 10 years' worth of data collection and analyses, which now includes contributions from 49 other organizations from around the world, he notes how criminals are constantly able to outsmart defenders, a trend that continues to get worse each year.
Bryan also provides insights into the workings of Verizon's Cyber Intelligence Center (CIC), which is proving to be an integral weapon in the fight against cyber criminals. Machine-based systems collect nuggets of data through Verizon's IP backbone, the VERIS framework dataset of cyberincidents, amongst other sources, and with the combination of big data tools, Verizon's customers are then presented with an unprecedented set of intelligence. "With information like this, security doesn't have to be conventional," Bryan concluded.
The 2014 Verizon Data Breach Investigations Report found that just three patterns covered on average 72 percent of cyberthreats in a given industry. By understanding what threats are your biggest concerns, enterprises can better protect their organizations by focusing on the cyberthreats that are most prevalent in their sector. The SlideShare below looks at cyberthreats by industry, based on this year's report.