Verizon’s RISK Team publishes an annual report summarizing data breach incidents, and categorizing them on various criteria (e.g., who did it? how was it done?). It usually makes for some interesting, although sometimes depressing, reading. This year’s report [PDF] has now been released, and features a considerably larger data sample than in the past, thanks to the inclusion of data contributed by the US Secret Service.
I haven’t yet had a chance to read the 2010 report, but one statistic from it, quoted in a diary entry from the SANS Internet Storm Center, caught my eye: “86% of victims had evidence of the breach in their log files”. In other words, the sizable majority of breaches could be detected without anything fancier than the log files already being generated by the server(s).
I’ll post another note with some comments after I’ve read the report.