Registration Page

     First Name:
     Last Name:
     Dept/BOX/ MS:
     Zip/Postal Code:
     Phone: - -
     Fax: - -
     Company URL:

Register Now
Featured Speakers:
  • Phil Neray,  Vice President of Security Strategy, Guardium
  • Christopher Novak,  Managing Principal & Founding Member, Verizon Business' Investigative Response Team
  • Tim Wilson,  Site Editor, Dark Reading
    Guardium Privacy Policy

    Bookmark and Share

    A Dark Reading and InformationWeek Webcast:

    Lessons From the "2009 Data Breach Investigations Report"

    Duration: 60 Minutes

    More electronic records were breached in 2008 than the previous four years combined, fueled by strong involvement of organized crime, according to a study by the Verizon Business RISK Team.

    The study is based on data analyzed from Verizon Business' actual 2008 caseload comprising 285 million breached records, as well as the combined findings of nearly 600 breaches involving more than a half-billion compromised records from 2004 to 2008.

    Please join Chris Novak, Managing Principal - Investigative Response from Verizon Business Systems to learn why:

    • Database servers accounted for 75 percent of all compromised records -- despite widespread concern over desktops, mobile devices and portable media – and why "the criminals appear to be going for the crown jewels."
    • SQL injection and unauthorized access via default credentials were the top types of hacking.
    • A staggering 95 percent of breached organizations subject to PCI-DSS were non-compliant with Requirement 10 (Track and monitor all access to cardholder data).
    • The ability to detect a data breach when it occurs remains a huge stumbling block for most organizations -- in 69 percent of cases, the breach was discovered by third parties, usually as a result of fraudulent activity.
    • "Unknown unknowns" -- including unknown privileges and unknown locations of sensitive data -- are among the top causes of breaches.
    • 67 percent of breaches were caused by significant IT errors such as misconfiguration.
    • All vulnerabilities exploited were six months old or older -- meaning that patching quickly isn't the answer, but patching completely and diligently is.
    • Cybercriminals increasingly use "anti-forensics" to cover their tracks, such as erasing server-resident logs.
    • Verizon recommends that organizations "Discover what is critical, identify what constitutes normal behavior, and then set focused mechanisms in place to look for and alert upon deviations from normality."

    Phil Neray, VP of Security Strategy for Guardium, will also present real-world case studies about enterprises that have implemented database activity monitoring (DAM) to:

    • Continuously monitor and log all database activities in real-time -- without degrading performance or relying on native DBMS-resident logs.
    • Immediately identify unauthorized or suspicious actions via granular policies and activity baselines.
    • Automate critical tasks such as data discovery, database vulnerability assessments, compliance reporting and oversight mechanisms (sign-offs, escalations, etc.).

    Check out this educational webcast to learn about the critical trends in data theft and proven strategies for increasing your company's data-level security against modern cybercriminals!


    UBM Tech - 600 Community Drive, Manhasset, New York 11030 - Privacy Statement