Published: Feb 21, 2017
Author: Verizon Enterprise Solutions

What do a corporate communications officer, an HR manager and legal counsel all have in common? They all need to be involved in tackling cybercrime.

Cyber attacks aren’t just a problem for your IT security team. Handling the aftermath of an attack is an enterprise-wide problem that can involve HR, corporate communications and legal counsel, as well as security specialists. That’s why the 2017 Data Breach Digest (DBD) looks at some of the most prevalent and dangerous cyber threats from the perspective of key stakeholders from across the business. It can help you mitigate the risks and understand the critical decisions you’ll need to make if you suffer a breach.

The DBD is designed to complement our annual Data Breach Investigations Report (DBIR). Where the DBIR is chock-full of stats and metrics, the DBD is all about experiences. It brings cybersecurity to life by relating tales of real-life data breach scenarios from the point of view of the responders.

This year, we cover 16 security incidents we helped resolve—from the case of the regional water supplier defrauded by a trusted partner, to the university overwhelmed by a botnet comprising thousands of Internet of Things (IoT) devices. We walk you through each case, from initial incident detection (and validation), through response and investigation, to resolution and lessons learned.

Here are four ways you can navigate the Data Breach Digest and learn from our experiences on the frontline of cybersecurity:

1. Dive straight in. In every one of the scenarios in the DBD, you’ll find something that can help improve your cybersecurity.
2. By category. We’ve divided the 16 scenarios into four clustered groupings: The Human Element, Conduit Devices, Configuration Exploitation and Malicious Software.
3. By industry. We’ve created a simple DBD Usage Matrix that allows you to find the scenarios that pose the biggest threats in your industry.
4. By role. You can look for the scenarios written from the perspective of stakeholders that most closely match your role.

And if you want a quick summary of each data breach scenario, check out our Attack-Defend cards. These show: the sophistication level of each attack; time to discover and containment; who you’re up against and their motivation; the industries most at risk; key stakeholders in the breach response; and the countermeasures you can take.

The DBD is an invaluable resource for non-technical Incident Response (IR) stakeholders as well as IT security practitioners. We hope you enjoy reading the latest edition and, in doing so, gain a new perspective on data breach response.