Some interesting infos on IT security from Verizon’s Peter Tippett

Today I attended a Panel meeting and lunch at the Swiss American Chamber of Commerce. Topic was security challenges in general and among the speakers was Peter Tippet, VP Technology & Innovation who flew in from the US for this event and who gave a nice speech. Some of the key points he mentioned:

• Data Breach Investigation report (DBIR) collects since 8 years valuable IT threat data
• Verizon is working on 1000 cases per year where security attacks succeeded, the results also go into the DBIR
• 92% of all security breaches come from stealing the password, a simple 2-factor login (e.g. security chip card) would very likely stop most of these incidents
• faster patching would not have prevented any of the investigated cases
• in most cases (70%) the intruders use non-critical business applications to come in and not at all the top applications where most of the IT security money is spent
• Verizon runs the backbone of the Internet if you like by providing 20,000 gateways in 160 countries
• through these gateways they are able to identify 1700 names/day of possible or actual intruders
• they are getting data for prosecuting cyber criminals and did so in 45 successful cases in 2010, 97% of these cases would have been preventable with the right security measures
• his bottom line message was: do more of the very simple things and do them very well instead of trying the sophisticated stuff as most attacks happen not there

Tags: DBIR, IT security, Peter Tippet, Swiss-American Chamber of Commerce

This entry was posted on Wednesday, April 13th, 2011 at 4:35 pm and is filed under Best Practice Stories. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.