Data Breaches: Two Tales, Two Motives: Financial vs. Espionage

Presented by

John Grim, Distinguished Architect, Verizon Threat Research Advisory Center

About this talk

For the 2014-2020 DBIR (Data Breach Investigations Report) timeframe, annually, we see Financial motive underlying breaches between 67% and 86% of the time and Espionage motive as the driver between 10% and 26% of the time. Given their nature (e.g., stealthy tactics, specific targeting), Espionage attacks can be difficult to detect and identify as an actual Espionage-related attack (given scant IoCs and other details). Whereas Financial attacks—if not detected while occurring or soon thereafter—eventually become apparent when money goes missing. At that point, the Financial motive, if not already ascertained, can be determined. When we look at the VERIS (Vocabulary for Event Recording and Incident Sharing) A4 Threat Model—Actors, Actions, Attributes, Assets—we see similarities with and differences between data breaches involving Financial attacks and Espionage attacks. Join this session and discover: · how data breaches with Financial and Espionage motives compare · how data breaches with Financial and Espionage motives differ · what can be done to counter either Financial and Espionage attacks

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (784)
Subscribers (197941)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.