Description:“There are plenty of ways to analyze a breach. There are models for the recon, the break in and the exfiltration. But, what if the attacker steals more than database dumps and customer records? How do you model what you just lost in terms of business, competitive advantage and potential damage to the infrastructure? Given today’s attacker focus on source code, methodologies, future state plans and architectures for infrastructure, we need a better way to model, analyze and communicate the impacts of what we lost.
Enter the Stolen Data Impact Model (SDIM) Project. Led by MSI Security Evangelist & CEO, Brent Huston, the SDIM is a work in progress to answer some of these questions. This talk will introduce the project, cover the goals and progress and leave the audience with more insights into how to understand and discuss what was stolen in information security compromises. Examples will be demonstrated and the framework for analysis will be explained. Take aways will not only include better understanding of the SDIM, but also prepare the audience for using it and participating in its design and maturity.