年数据泄露调查报告.docxVIP

2018 Data Breach Investigations Report  Research report 11th edition http://bfy.tw/HJvH First-time reader? Don’t be shy—welcome to the party. As always, this report is comprised of real-world data breaches and security incidents—either investigated by us or provided by one of our outstanding data contributors. The statements you will read in the pages that follow are data-driven, either by the incident corpus that is the foundation of this publication, or by non-incident datasets contributed by several security vendors. We combat bias by utilizing these types of data as opposed to surveys, and collecting similar data from multiple sources. We use analysis of non-incident datasets to enrich and support our incident and breach findings. Alas, as with any security report, some level of bias does remain, which we discuss in Appendix E.  Incidents vs. breaches We talk a lot about incidents and breaches and we use the following definitions: Incident A security event that compromises the integrity, confidentiality or availability of an information asset. Breach An incident that results in the confirmed disclosure— not just potential exposure—of data to an unauthorized party. VERIS resources The Vocabulary for Event Recording and Incident Sharing (VERIS) is free to use and we encourage people to integrate it into their existing incident response reporting, or at least kick the tires. HYPERLINK features information on the framework with examples and enumeration listings. HYPERLINK /vz-risk/veris /vz-risk/veris features the full VERIS schema. HYPERLINK /vz-risk/vcdb /vz-risk/vcdb provides access to our database on publicly disclosed breaches, the VERIS Community Database. About the cover The arc diagram on the cover is based on the data in Appendix C: Beaten paths. It illustrates the actors, actions, and attributes as nodes; and the order of their occurrence in attack paths as edges—see the callout on page 54 for more information. Weve counted how many times each node