Incident Response

Early Lessons from the Marriott Breach

On November 30th, Marriott announced that a guest reservation database on the Starwood side of its business had been breached. Initial reports indicated that upwards of 500 million individuals were affected. The stolen data includes quite sensitive information, such as guest passport details and, likely, payment card information. Although it will probably take time before we fully understand the details of the incident – which appears to have continued unabated since 2014 – there are lessons that we can learn from the details already in… more

The Likelihood of Company Executives Being Fired Post-Data Breach – It Isn't Pretty

In April 2018, Verizon released the 11th edition of its Data Breach Investigations Report. As usual, the Verizon DBIR contained interesting data points culled from more than 53,000 incidents and 2,216 confirmed data breaches. It won’t come as a surprise to many to learn that outside agents were responsible for the majority (73%) of cyberattacks in 2017. What may be surprising, though – and is undoubtedly disconcerting – is the assertion that internal actors (i.e., employees and contractors) were behind 28% of data breaches, with financial gain and… more