Verizon Helps Industry Fight Cybercrime by Publicly Releasing Framework Used for Data Breach Investigations Reports

In an initiative to make it easier for companies to analyze and exchange data about security breaches and unite in the fight against cybercrime, Verizon Business is publicly releasing the research framework used for the company's landmark Data Breach Investigations Reports.

The Verizon Incident-Sharing (VerIS) framework, released Monday (March 1), addresses a critical industrywide issue: the lack of a common standard for the collection of security-incident data and analysis.  Businesses and government agencies currently use a variety of different - and often incompatible - systems to collect this data, making it difficult to quickly identify major trends in security breaches and to take collective action. 

The incident-sharing framework will provide enterprises with a common structure for describing and analyzing security incidents. As a result, businesses will be able to compare and contrast their security data with Verizon's data breach reports, as well as with data of other organizations that use the VerIS framework, to gain a better understanding of how security breaches occur and what can be done to better manage risk.

"Since we began issuing the Data Breach Investigations Report, our customers and the security community at large have told us of their need for an open-source security-incident sharing program that will provide a universal foundation for data collection and analysis," said Peter Tippett, vice president of security and enterprise innovation at Verizon Business. "With the public release of VerIS, Verizon is answering this call by enabling organizations to work together in the ongoing fight against cybercrime."

(Note: Listen to an audio podcast about the VerIS framework. View images on Flickr.)

Securosis, a leading independent security research and advisory firm, is one organization in favor of a standard platform for capturing security information.  According to Rich Mogull, CEO of Securosis and a VerIS advisory board member, "It would be great if response teams started using a standard base of metrics. That would really help us perform external analysis across a wider base of data points."

The Verizon Incident-Sharing Framework Takes a Real-World Approach

The VerIS framework is designed to give organizations actionable security intelligence that can help improve an organization's ability to make sound security decisions. The  framework uses first-hand information taken from an organization's actual investigations to elicit insight into security attacks.

Specifically, the framework  examines four intersecting factors - threat, asset, impact and control - to collect information useful to risk management.  VerIS metrics are organized in four sections: demographics, incident description, discovery, and mitigation and impact description.  When viewed in the aggregate, they give businesses a tangible idea of cause and severity of attack.

"For far too long, the information security industry has been chasing today's headline threats with a limited ability to measure success," said Jeremiah Grossman, CTO of WhiteHat Security and a VerIS advisory board member. "VerIS provides a path to leave security mysticism behind us. The knowledge of who our adversaries are, what they want, and how they are getting  it is critical to safeguarding our digital world."

Helping Organizations Make the Most of Security Data

Companies can access Verizon's framework at http://securityblog.verizonbusiness.com/2010/02/19/veris-framework, where other resources will also be available, including an online community forum for open discussion among VerIS users.  Verizon also plans to name an advisory board to oversee the evolution of the VerIS framework to ensure it meets the needs of all organizations across all sectors.

About Verizon Business
Verizon Business, a unit of Verizon Communications (NYSE: VZ), is a global leader in communications and IT solutions. We combine professional expertise with one of the world's most connected IP networks to deliver award-winning communications, IT, information security and network solutions.  We securely connect today's extended enterprises of widespread and mobile customers, partners, suppliers and employees - enabling them to increase productivity and efficiency and help preserve the environment.  Many of the world's largest businesses and governments - including 96 percent of the Fortune 1000 and thousands of government agencies and educational institutions - rely on our professional and managed services and network technologies to accelerate their business. Find out more at www.verizonbusiness.com.