Take a scientific look at information security incidents reported in the public news sources. This talk introduces the VERIS Community Database (VCDB), a research project aimed at gathering news articles about information security incidents, extracting data, and serving as a public repository of breach data suitable for analysis and research. We will discuss how to apply the methodology of the Data Breach Investigations Report (DBIR) to public data to answer research questions, and how this view of information security incidents differs from the DBIR.
Kevin Thompson (@bfist) is a Risk and Intelligence Researcher with the Verizon RISK Team and one of the authors of the Data Breach Investigation Report. Kevin has worked in health care, higher ed, and defense and has 17 years of IT experience. He is a member of the Society of Risk Analysts, and the Society of Information Risk Analysts and holds various security certifications
Suzanne Widup (@SuzanneWidup) is a member of the Verizon RISK Team and a co-author of the Verizon Data Breach Investigations Report. She focuses on data breach research and has published a series of papers and articles on the topic. She is also the author of Computer Forensics and Digital Investigation with EnCase Forensic, which publishes in May 2014. Kevin Thompson (@bfist) is a Risk and Intelligence Researcher with the Verizon RISK Team and one of the authors of the Data Breach Investigation Report. Kevin has worked in health care, higher ed, and defense and has 17 years of IT experience. He is a member of the Society of Risk Analysts, and the Society of Information Risk Analysts and holds various security certifications.