I still haven’t gotten around to reading Verizon’s 2011 Data Breach Investigations Report (74 pages long!), but I have run across summaries of the report. Essentially, the number of breaches have increased dramatically but the number of compromised records have decreased dramatically. I’d say it’s a win for data protection software, including drive encryption software like AlertBoot.
Until I read a quote from Verizon’s director of investigative response:
“The FUD is out of control,” said Sartin in a phone interview. FUD, short for fear, uncertainty, and doubt, is what the security business sells, suggests Sartin, who dismissed industry jargon like “advanced persistent threat” as a way to drive sales of security products and services.
“People find a rudimentary virus and they think the Chinese are out to get the Colonel’s secret recipe,” quipped Sartin. [informationweek.com]
It almost seems to imply that the security business sells, well, fluff. Which is a bold picture to paint, since one’d argue that it’s these same tools that security businesses sell that have led to the decreases Verizon has noted. Or have they?
In an interview, Sartin notes that the reason for the dramatic decline in breached records comes from the fact that the more capable hackers (not the best, just the ones that are most capable in creating mayhem) are under arrest or on the run. This is why over the past three years the records breached have decreased from 361 million to 144 million to 4 million.
These arrests were possible because companies’ reactions to data breaches have changed. Sartin notes that large companies have tools in situ for dealing with data breaches that rival those used by forensic specialists. Hence, figuring out what’s going on during a data breach doesn’t take as long as it used to, leaving a smaller window of opportunity for hackers to escape.
This also explains why the number of breaches have increased over time: criminals are now targeting smaller companies that are not as well-equipped to deal with data breaches. Smaller companies usually have less customers which means less data on hand, contributing little to the “breached records count.” It also means that the security exploits are not, and don’t need to be, as sophisticated, leading to higher “turnaround.”
Those are interesting conclusions. It seems to indicate that security tools are the reasons why the bigger breaches are, for the time being, a thing of the past (better security tools have led to arrests), not to mention that the lack of better security tools (by smaller businesses) is why breaches are on the increase.
I’ve got to admit, though, that if people are linking a virus with Chinese government hackers, they’re probably engaged in FUD. On the other hand, there is plenty of FUD-sy sounding stuff that is real. For example, it’s being reported that there appears to be a phone-based scam making its way through Texas after personal information was breached on-line.
Related Articles and Sites: