2016 PCI DSS DATA BREACH TRENDS

This data visualization is an overview of SecurityMetrics' Payment Card Industry Forensic Investigation results from 2016.

CONTRIBUTED TO DATA BREACH

The following is a list of how noncompliance with the different PCI requirements contributed to breaches for compromised organizations in 2016:

[Figure: one pie chart per PCI DSS requirement, each split into "Contributed", "Didn't contribute" and "Information not available".]

REQUIREMENT 1: Protect Your System With Firewalls
REQUIREMENT 2: Use Adequate Configuration Standards
REQUIREMENT 3: Secure Cardholder Data
REQUIREMENT 4: Secure Data Over Open and Public Networks
REQUIREMENT 5: Protect Systems with Antivirus
REQUIREMENT 6: Update Your Systems
REQUIREMENT 7: Restrict Access
REQUIREMENT 8: Use Unique ID Credentials
REQUIREMENT 9: Ensure Physical Security
REQUIREMENT 10: Implement Logging and Log Monitoring
REQUIREMENT 11: Conduct Vulnerability Scans and Penetration Testing
REQUIREMENT 12: Start Documentation and Risk Assessments

THE AVERAGE ORGANIZATION WAS VULNERABLE* FOR 1,021 DAYS

CARDHOLDER DATA WAS CAPTURED* FOR AN AVERAGE OF 163 DAYS

CARDHOLDER DATA WAS EXFILTRATED* FOR AN AVERAGE OF 106 DAYS

2016 FORENSIC TAKEAWAYS

39% OF ORGANIZATIONS WERE BREACHED THROUGH INSECURE REMOTE ACCESS

22% OF ORGANIZATIONS WERE BREACHED DUE TO WEAK PASSWORDS

56% OF ORGANIZATIONS HAD MEMORY-SCRAPING MALWARE INSTALLED ON THEIR SYSTEM

89% OF ORGANIZATIONS HAD FIREWALLS IN PLACE AT TIME OF COMPROMISE; 44% OF FIREWALLS DID NOT MEET PCI REQUIREMENTS

TERMS TO KNOW:

* Vulnerable – A system, environment, software, and/or website can be exploited by an attacker.
* Captured – Data is being recorded, gathered, and/or stored from an unauthorized source.
* Exfiltrated – Unauthorized data is transferred from a system (e.g., exporting).

Disclaimer: SecurityMetrics Forensic Investigators are Qualified Security Assessors, but do not perform a complete QSA audit of each PCI requirement during a PCI forensic investigation. PCI DSS requirement data is analyzed to the extent that investigators observe it during the course of an investigation.

© 2017 SecurityMetrics
