Many sites list breaches and data loss events. Datalossdb is probably one of the most organized and detailed. The statistics page shows some interesting statistics: 81% of all breaches are a result of malicious individuals or external users (I would call them hacks). Datalossdb, as well as other security-related and incident listing sources, is based on breach notifications that are a mandatory requirement to comply with the various data protection acts.
Researching past breaches can help us prevent future events. However, in certain cases, breach notifications can't really tell whether a breach actually occurred. In such instances (see example below), an organizations must assume that a breach occurred and data was lost.
Such cases highlight the difference between general activity monitoring and log collecting versus Database Activity Monitoring (DAM) for compliance (and also security).
Database Activity Monitoring allows you to identify who was accessing sensitive data, when and how. If deployed in security mode, it can also PREVENT such breaches.
Source: http://doj.nh.gov. Click on the image to see a larger version.
Such cases highlight the difference between general activity monitoring and log collecting versus Database Activity Monitoring (DAM) for compliance (and also security).
Database Activity Monitoring allows you to identify who was accessing sensitive data, when and how. If deployed in security mode, it can also PREVENT such breaches.
Source: http://doj.nh.gov. Click on the image to see a larger version.
Leave a comment