Many information security professionals are familiar with the Verizon Data Breach Investigations Report (DBIR). But do you know anything about the VERIS framework that supports it? In this session, Kevin Thompson from the Verizon RISK team will explain the Vocabulary for Event Recording and Incident Sharing (VERIS) and show how you can use this open framework to record the same information about your security incidents that Verizon uses to produce the DBIR.
Objectives:
⁃ explain what the VERIS framework is.
⁃ explain how to use the VERIS framework to track and catalog information security incidents.
⁃ describe the information that is collected by the VERIS framework.
⁃ identify additional resources for using VERIS to collect incident data.
⁃ use the VERIS framework to create a feedback loop providing valuable information to the information risk management process.

- Understand the VERIS framework
- Learn the value of recording security incidents
- How to implement VERIS locally
About Kevin Thompson

Kevin Thompson is a researcher with the Verizon RISK team, where he performs research on the ever-changing risk environment, investigates all manner of security incidents, and helps to develop solutions and knowledge based on credible data and analysis. Kevin is one of the researchers working on the wildly popular Data Breach Investigations Report and the underlying VERIS framework. Prior to working for Verizon, Kevin worked in information security and risk management in higher education, health care, and the U.S. Navy. Kevin is CISSP certified and is a FAIR-certified risk analyst. Kevin also serves on the board of directors for the Society of Information Risk Analysts and is an adjunct faculty member teaching information security and risk management at Minnesota State University, Mankato.