Data Breach Reports Need More Detail

Provide information that helps stop future attacks

One of my stories on data breaches.

Free Content on Jobs in Cybersecurity | Sign up for the Email List

Each week I compile the data breaches from the past week and try to determine sources of attack. This week, 2nd Sight Lab is changing the schedule of the updates to come out on Monday for the week prior. Looking at the past week’s news and compiling a list of the data breaches reported from many sources, the information is still not helpful in many cases from a defensive perspective. Simply stating that a company had a breach and attackers got in does not tell us much.

Most of the reports do not help other companies prevent similar attacks because they lack sufficient detail. Stating that an unauthorized person got into systems does not explain how they got into the hosts and networks in the first place. Trying to understand how data breaches happen is why I wrote my Target Breach white paper and analyze other data breaches to help organizations prevent similar attacks.

• Which software, hardware, or network vulnerabilities did the attackers use to gain access?
• Was a particular port exposed?
• Did the attacker leverage phishing or social engineering?