Financially motivated data breaches are similar to yet different from espionage motived data breaches. In this session, Verizon – producers of the annual Data Breach Investigations Report – will compare and contrast financially-motived and espionage-motived data breaches. Verizon will present this session through the lens of VERIS – Vocabulary for Event Recording and Information Sharing – Framework, to include the A4 Threat Model: Actors, Actions, Attributes, and Assets, and highlight key controls to counter data breaches.
Industry accepted frameworks and tools can help improve capabilities to better prevent, mitigate, detect, and respond to data breaches with Financial motives or Espionage motives. These frameworks and tools include the VERIS framework, VIPR phases, NIST Cybersecurity Framework, and Center for Internet Security (CIS) Critical Security Controls (CSCs).