Take a scientific look at information security incidents reported in public news sources. This talk introduces the VERIS Community Database (VCDB), a research project aimed at gathering news articles about information security incidents, extracting data, and serving as a public repository of breach data suitable for analysis and research. We will discuss how to apply the methodology of the Data Breach Investigations Report (DBIR) to public data to answer research questions, and how this view of information security incidents differs from the DBIR.
Kevin Thompson (@bfist) is a Risk and Intelligence Researcher with the Verizon RISK Team and one of the authors of the Data Breach Investigations Report. Kevin has worked in health care, higher ed, and defense and has 17 years of IT experience. He is a member of the Society of Risk Analysts, and the Society of Information Risk Analysts and holds various security certifications.