Coordinated Response
Services and tools for incident response management

Insiders pose a unique threat. A Data breach involves legal issues. Does your incident response plan reflect the required actions?

The Verizon 2013 Data Breach Investigations Report provides insight into the role of insiders when data is breached.

Profit-driven organized crime groups were tied to over half of all breaches.

Attackers targeted mostly finance, retail, and food service industries. Attackers profit from selling payment data or personal information. Almost all states and the District of Columbia have data breach laws governing this type of incident.

State-affiliated Actors were linked to 21% of all breaches.

Here the attackers were seeking intellectual property trade secrets, sensitive internal data, or systems information. The targeted industries were Manufacturing, Professional Services and Transportation. This raises issues of liability or economic loss.

There are two important statistics associated with cyber-espionage campaigns.

  • First, over 95% started with a phishing attack. Companies need to take their anti-phishing controls seriously.
  • Second, smaller companies, those with less than 10,000 employees, were attacked 4 times more than larger companies. Small professional services or law firms were often targets due to the sensitive information they held for their clients.

Malicious Insiders account for 14% of data breaches.

But, Verizon also states that External Actors are involved in over 90% of all data breaches. So, often an external actor recruits or coerces an insider.

Risk Awareness is the first step.

Include insider threats and the potential impact of a data breach in your risk assessment.

An Incident Response Plan is the second step.

When dealing with insider threats, consider the legal and human resource issues. Managing employees or contractors involves legal and regulatory issues. When dealing with a data breach, appropriate legal steps need to be followed.

Coordinated Response

Coordinated Response can help you develop a plan that anticipates the unique actions needed to address a data breach or an insider threat.

One Comment

Leave A Comment

You must be logged in to post a comment.