Verizon Hopes to Spur Security Data Sharing
There is no common way today of reporting incidents, said Wade Baker, director of risk intelligence for Verizon, and that is one barrier to industry-wide reporting of security breaches.
“There is not a way to describe an incident that everyone can use so that you can understand and use the same data,” Baker said. “That prevents the ability to amass a large amount of data and get a true picture of the security issues that we are facing.”
Enterprises can use the Verizon Incident Sharing Framework as a common structure for describing and analyzing incidents in which networks are breached or data is lost or compromised. That enables assessments and comparisons with data compiled by other organizations using Verizon’s VerIS framework, including Verizon’s annual Data Breach Investigation Reports.
The VerIS looks at four aspects of network security: threats, assets, the impact of an intrusion or data breach, and control. It then organizes metrics into four sections: demographics, incident description, discovery, and mitigation and impact description. The end result is a report that shows the cause and magnitude of a given incident.
Greater data sharing will enable the industry to get a more accurate picture of the nature of security threats and do a better job of addressing them, Baker said. Verizon is making the VerIS framework available at no cost to encourage other service providers and organizations to use it.
“We can’t make people share information,” Baker said. “But we do hope this lends itself to better sharing. If we are all using the same language to describe security incidents, then we can figure out a way to share that information responsibly.”
— Carol Wilson, Chief Editor, Events, Light Reading