VERIS: A New Database for Sharing Security Incident Information

Verizon's interactive VERIS Community Database

VERIS is the Vocabulary for Event Recording and Incident Sharing. It was originally developed and is currently owned by Verizon. Using VERIS, Verizon has now launched The VERIS Community Database.

Nobody doubts the value of sharing security information. The problem is that it is difficult to do so easily, securely, and in a manner that results in understandable information. "There are organizations that collect – and in some form – disseminate aggregated collections, but they are either not in a format that lends itself to ease of data manipulation and transformation required for research, or the underlying data are not freely and publicly available for use," said Verizon in an introductory blog posting.

To solve this, Verizon first developed VERIS, and is now using it as the basis of the VERIS Community Database – an interactive visual database of data breach information. "The overall goal", says the website, "is to lay a foundation from which we can constructively and cooperatively learn from our experiences to better measure and manage risk."

The initial launch of the database contains data from more than 1200 incidents, primarily from 2012 and 2013. The data sources include the US Department of Health and Human Services, the sites of the various Attorneys General that provide breach notifications, media reports and press releases. "We intend to continue to augment this dataset to capture as many incidents as possible so that others can benefit", said Verizon.

Verizon warns that, for the moment, "The data are currently biased towards the Health sector since nearly half of the incidents come from the HHS publications". But, it says, as more people use and contribute to the database, it will eventually "become a rich, freely available data source for conducting... ad hoc research."

Try it out, says Verizon. "Prove or disprove an assumption you have made in your own work. You can make direct comparison between the findings in the DBIR [Verizon's annual Data Breach Investigations Report] and the public data to see how they differ. You can filter by industry and organization size and see how your organization stacks up against companies of the same size and industry."

Verizon plans to expand the dataset beyond data breaches. "We are interested in looking at all types of security incidents and continue to disseminate our data publicly to the community." The company hopes that the VERIS Community Database will build into a wide-scale security incident sharing and research tool for anyone to use.
