SAN FRANCISCO, Feb. 27, 2013 /PRNewswire/ -- The soon-to-be-released " Verizon 2013 Data Breach Investigations Report" will provide an even broader, more extensive picture of cybercrime around the globe by expanding the types of security events studied and analyzing data from a much larger number of global security organizations.
To be released this spring, the 2013 DBIR will study security events such as distributed denial of service attacks, network intrusion, insider misuse, and attacks against the energy and critical infrastructure sectors. The report will contain data from 19 organizations, more than three times as many as the six organizations in the prior year's study.
The new organizations are: CERT Insider Threat Center (of Carnegie Mellon University); Consortium for Cybersecurity Action; Danish Ministry of Defence, Center for Cybersecurity; Danish National Police, NITES (National IT Investigation Section); Deloitte; Electricity Sector Information Sharing and Analysis Center (ES-ISAC); European Cyber Crime Center (EC3); G-C Partners, LLC; Guardia Civil (Civil Guard of Spain); Industrial Control Systems Cyber Emergency Response Team (ICS-CERT); Malaysia Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia; National Cybersecurity and Communications Integration Center (NCCIC); ThreatSim; and the US Computer Emergency Readiness Team (US-CERT).
The organizations continuing to contribute data include: the Australian Federal Police; Dutch High Tech Crime Unit (NHTCU) ; Irish Reporting and Information Security Service (IRISS-CERT); U.S. Secret Service; and the Verizon RISK (Research Investigations Solutions Knowledge) team."The additional contributing security organizations will enable us to paint an even clearer picture of the threat landscape facing businesses today," said Wade Baker, managing principal of the RISK team and principal author of the DBIR. "This added insight will make a difference in helping organizations around the globe put the right defense in place. Today's cyber landscape remains a tough one to navigate, and unfortunately, we believe it will continue to remain challenging in 2013." All DBIR contributors use the Verizon VERIS framework to input breach data. The framework, which has been in existence since early 2010, uses a common language and a structured, repeatable process, both of which allow organizations to objectively classify security incidents. "The common language is critical, as there is currently no universal language that describes security incidents or an accepted industry standard for the development of risk metrics," noted Baker.