The Difference Between Espionage and Financial BreachesVerizon's John Grim on Why Espionage Breaches Are Tougher to Spot
Cyberespionage breaches take longer to discover than financial breaches. One of the biggest clues to finding them lies in understanding suspicious network traffic. John Grim of the Verizon Threat Research Advisory Center shares insight from a new study of cyberespionage trends.
See Also: 2022 Proofpoint State of the Phish
Grim, head of research, development and innovation at VTRAC, was part of a recent study of how espionage breaches behave differently from traditional financial breaches.
"In order to understand what suspicious traffic is, you need to understand what is normal," Grim says. "You need to have the means to capture that traffic and to capture the packets as well as detect these threat actors in real time."
In a video interview with Information Security Media Group, Grim also discusses:
- How financial breaches are different from espionage breaches;
- The industries most affected by espionage;
- Security tools to leverage to detect cyberespionage attacks.
Grim is head of research, development and innovation at Verizon Threat Research Advisory Center. He has more than 18 years of experience leading investigations of data breaches and cybersecurity incidents within the government and civilian security sectors.