Pattern Recognition: The First Step to Reducing Risk Is Recognizing Threats

Amy Larsen DeCarlo

Summary Bullets:

  • Businesses and governments alike are facing unprecedented cybersecurity challenges as the threat environment becomes more virulent and complex and as more data is digitized.
  • Yet, as difficult and complicated as it can be to mount an effective defense today, threats share some common traits. The latest Verizon Data Breach Investigations Report uncovered the fact that the majority of security incidents fit into one of nine distinct patterns.

In an era where cybercrime and its costs to business and government are escalating at a breakneck pace, resource-constrained enterprises are struggling to keep ahead of the threats. One of the issues made clear by incidents such as the 2013 Target breach is that organizations often have the information, but their IT teams are drowning in so many alerts and false alarms that they fail to focus on the most damaging threats. Unfortunately, too many IT teams are simply overwhelmed by the volume of incident data and the mysterious sources of cyber-attacks.

One of the best weapons any enterprise has against the unknown is the ability to establish patterns that reveal critical information. With respect to threats, analytics is helping uncover previously unseen commonalities that can help organizations better understand the nature of both the attackers and the incidents themselves. This crucial information can provide enterprises with insights they need to design a better defense against the biggest risks to operations and data integrity and security.

Verizon’s most recent annual Data Breach Investigations Report (DBIR) is helping shed light on how, as complex as the threat environment seems, most incidents share traits with other events. Analyzing data on thousands of confirmed breaches and security incidents over the course of the last decade, the Verizon breach report finds that events can be categorized into nine distinct threat patterns. These include: miscellaneous errors, crimeware/malware, insider/privilege misuse, physical theft/loss, web app attacks, denial of service attacks, cyber espionage, point-of-sale intrusions, and payment card skimmers.

Nine categories can still be overwhelming. Where the study really adds useful insight is when it examines the captured information by industry. Verizon discovered that in any given vertical industry, three types of threat patterns dominate in the majority (on average 72%) of incidents. So, in healthcare, for example, physical loss/theft, miscellaneous errors, and insider misuse are responsible for the overwhelming majority of breaches. Organizations can focus more of their policy and skill development, as well as their threat defense, on addressing these particular threats to continuity and assets.

How good a gauge do you have on the nature of threats and risk in your organization and your industry? What gaps remain as you try to reduce your risk?

About Amy Larsen DeCarlo
As Principal Analyst for Security and Data Center Services at Current Analysis, Amy assesses the managed IT services sector, with an emphasis on security and data center solutions delivered through the cloud, including on-demand application and managed storage offerings.
