POS Software Point of Sale Software Hardware GPS Security Camera
Bar Code


Technology News and Articles


 

Find Out How Verizon Is Fighting Cybercrime And Data Breach

In an initiative to make it easier for companies to analyze and exchange data about security breaches and unite in the fight against cybercrime, Verizon Business is publicly releasing the research framework used for the company's landmark Data Breach Investigations Reports.

The Verizon Incident-Sharing (VerIS) framework, released March 1, 2010, addresses a critical industrywide issue: the lack of a common standard for the collection of security-incident data and analysis. Businesses and government agencies currently use a variety of different -- and often incompatible -- systems to collect this data, making it difficult to quickly identify major trends in security breaches and to take collective action.

The incident-sharing framework will provide enterprises with a common structure for describing and analyzing security incidents. As a result, businesses will be able to compare and contrast their security data with Verizon's data breach reports, as well as with data of other organizations that use the VerIS framework, to gain a better understanding of how security breaches occur and what can be done to better manage risk.

"Since we began issuing the Data Breach Investigations Report, our customers and the security community at large have told us of their need for an open-source security-incident sharing program that will provide a universal foundation for data collection and analysis," said Peter Tippett, vice president of security and enterprise innovation at Verizon Business. "With the public release of VerIS, Verizon is answering this call by enabling organizations to work together in the ongoing fight against cybercrime."

Securosis, a leading independent security research and advisory firm, is one organization in favor of a standard platform for capturing security information. According to Rich Mogull, CEO of Securosis and a VerIS advisory board member, "It would be great if response teams started using a standard base of metrics. That would really help us perform external analysis across a wider base of data points."

The Verizon Incident-Sharing Framework Takes a Real-World Approach

The VerIS framework is designed to give organizations actionable security intelligence that can help improve an organization's ability to make sound security decisions. The framework uses first-hand info rmation taken from an organization's actual investigations to elicit insight into security attacks.

Specifically, the framework examines four intersecting factors -- threat, asset, impact and control -- to collect information useful to risk management. VerIS metrics are organized in four sections: demographics, incident description, discovery, and mitigation and impact description. When viewed in the aggregate, they give businesses a tangible idea of cause and severity of attack.

"For far too long, the information security industry has been chasing today's headline threats with a limited ability to measure success," said Jeremiah Grossman, CTO of WhiteHat Security and a VerIS advisory board member. "VerIS provides a path to leave security mysticism behind us. The knowledge of who our adversaries are, what they want, and how they are getting it is critical to safeguarding our digital world."

 

 


More News:

  • Industry News
    Point of Sale and Hospitality Vertical Market Industry News
 



Follow BCDATA on Facebook.Follow BCDATA on Twitter

 

[ [ Home ] . [ POS Hardware ] . [ POS Software ]. [ Security & ID].. [ News ]. [ About Us ] . [ Clients ] . ]