What is the DBIR, and why should we care?
I was recently asked this question after excitedly downloading the 2013 DBIR from Verizon. The wind came out of my sails, and I was forced to pause and reflect on this question; after a few moments I provided my answer:
"The Data Breach Investigations Report is another tool to help us understand how to best allocate our scarce IT security resources."
The fact is, if we have a better understanding of how organisations similar to us in size, scope, or industry are targeted, and for what purposes, then we can better focus how we spend on IT security. That's my argument for the validity of the DBIR, and why it's worthy of our time as IT security professionals.
However, reading a report by yourself, however well authored and researched, is limited in its value. Where I feel the maximum value is delivered is when our IT security community is provided tools such as this and then we have the intelligent debates and discussions around them. Collaborate on our insights, and challenge each other's preconceptions. No area of IT changes faster with more risk attached than securing those crown jewels of our organisations.
So who out there has read the 2013 DBIR?
Do you feel it is relevant to your responsibilities?
Do tools like the DBIR make your job easier, or more difficult?