Verizon Business is publicly releasing the research framework used
for the company’s Data Breach Investigations Reports. The
Verizon Incident-Sharing (VerIS) framework addresses a critical
industry-wide issue—the lack of a common standard for the
collection of security-incident data and analysis.
The incident-sharing framework will provide enterprises with a
common structure for describing and analyzing security incidents.
As a result, businesses will be able to compare and contrast their
security data with Verizon’s data breach reports, as well as
with data of other organizations that use the VerIS framework.
“Since we began issuing the Data Breach Investigations
Report, our customers and the security community at large have told
us of their need for an open-source security-incident sharing
program that will provide a universal foundation for data
collection and analysis,” said Peter Tippett, VP of Security
and Enterprise Innovation at Verizon Business. “With the
public release of VerIS, Verizon is answering this call by enabling
organizations to work together in the ongoing fight against
cybercrime.”