Data Breach Summer Reading

My favorite is from Verizon (specifically, the services group that was formerly Cybertrust).  This report combs through the wreakage of more than 500 breach investigations that they've done over the past couple years. 

It is chock-a-block was fascinating data.  If you're a security professional looking for information to educate senior management about why what you do is important, this report will do the trick.  As an industry, we spend a lot of time on the latest threats and countermeasures - and we should to a point. 

This report demonstrates, however, that most breaches aren't that sophisticated and happen over weeks and months (not days).  They could be prevented with basic vulnerability management and monitoring techniques.

Debix (an identity theft protection service) released their May 2008 Identity Theft Study.  It examines consumer willingness to help prevent new account fraud. If you're a security pro for a B2C organization, there's some great data in here for you.