Verizon has released its 2009 Data Breach Investigations Supplemental Report [PDF file], looking at how breaches happen and advising on how to protect sensitive data.

“The report breaks down each of 15 threat types, describing what they do, how they gain access, what security personnel should look for an how to mitigate the risk,” writes SearchSecurity.com’s Neil Roiter. “Each entry includes a case study of a Verizon Business investigation in which the threat type was a key factor.”

“Each threat type has telltale indicators – unauthorized access via weak/misconfigured ACLs, for example, can be uncovered through routine log monitoring or user behavioral analysis, according to Verizon,” Roiter writes.

Click here to read the SearchSecurity.com story.