Nov 14 10 7:22 PM

Tags : :

A new Web site could help turn security breach guesswork into science.
Database breaches, social engineering attacks, and hacking incidents happen at companies every day, but very few end up being reported publicly. That's because organizations fear--and rightly so--damage to their reputation, public humiliation, and loss of customer confidence.

But this silent victim syndrome means that others can't learn from the missteps of victims and wow power levelingthat the industry as a whole doesn't have a good grasp on the scope of the problem.

In a first-of-its-kind effort, Verizon Business is launching a public Web site for reporting security incidents that could crack open the self-defeating secrecy of data breaches.

"This will benefit the overall community," Alexander Hutton, a principal of research and intelligence at Verizon Business, told CNET in an interview. "The valid data helps us all learn from mistakes."

Verizon is officially launching today its Veris information-sharing site where network or security professionals can provide detailed information about an incident and get back a report that illustrates via charts, graphs, and other information how the reported incident compares with others.

The Web site generates a report after information has been submitted that makes a comparison between the incident reported and others.
user posted image
The Web site generates a report after information has been submitted that makes a comparison between the incident reported and others.
(Credit: Verizon Business)
The site's multiple-page questionnaire dives into the details of incidents and particulars about the company, such as which industry it's part of, the size of the business, and how many security staffers it has, so comparisons can be made to similar organizations. The online form also asks respondents how long it took to discover and contain the incident, how it could have been prevented, and how much time, resources, and money were lost due to the breach.

"There is a lot of survey data out there [about estimated costs], but it's not like you can go in and get actual figures," Hutton said. "We're hoping to get specific information by doing this."

Once the data is submitted, the site generates a downloadable report on the fly--in a demonstration the report was 19 pages in length--that classifies the type of incident, analyzes power leveling wowthe details, and shows how it stacks up to other incidents in Verizon's incident database compiled over the last five years. That database, which consists of information that Verizon has gleaned from its managed service of customer networks, has about 900 million records and includes information from the U.S. Secret Service that was added this summer.
Quote    Reply   

#1 [url]

Nov 16 10 9:50 PM

The UGG Roxy Tall strap up the front with ribbons that you lace securely through gold.Register now for your later visit.How to Clean UGG Suede Boots are so cozy and warm, you may never want to take...ugg boots uk:The best place to find and buy cheap ugg boots on sale.We have ugg boots sale in the UK with the best price,some say we are the best Ugg online store in the UK, cheaper price,free shipping and fast delivery.

Quote    Reply   
Add Reply

Quick Reply

bbcode help