Jay Jacobs
About
Detail
Founder
United States
Résumé
Jobs
verified_user
0% verified
FounderEmpirical SecurityOct 2024 - Current (1 year 9 months)- Chief Data Scientist, Founder and PartnerCyentia InstituteAug 2016 - Current (9 years 11 months)
- Sr. Data ScientistBitSightJun 2015 - Dec 2017 (2 years 7 months)
- Data AnalystVerizon BusinessJan 2012 - Jun 2015 (3 years 6 months)
- PresidentSociety of Information Risk Analysts SiRAJan 2010 - Feb 2017 (7 years 2 months)
- MPrevious Chapter PresidentMN ISSAJun 2008 - Dec 2012 (4 years 7 months)Served on the Board of Directors since 2008 and as President of the chapter from 2011 to 2012.
- Sr. Technical ArchitectTargetJan 2008 - Jan 2012 (4 years 1 month)
Education
verified_user
0% verified
- BA, IT ManagementConcordia UniversitySt PaulJan 2007 - Dec 2008 (2 years)
- Masters Certificate, Applied StatisticsPenn State University
Projects (professional or personal)
verified_user
0% verified
- EExploit Prediction Scoring System (EPSS)Jan 2018 - Dec 2018 (1 year)The Exploit Prediction Scoring System (EPSS) is an open, data-driven effort for estimating the likelihood (probability) that a software vulnerabilities will be exploited in the wild. Our goal is to assist network defenders to better prioritize vulnerability remediation efforts. While other industry standards have been useful for capturing innate characteristics of a vulnerability and provide measures of severity, they are limited in their ability to assess threat. EPSS fills that gap because it uses current threat information from CVE and real-world exploit data. The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
- VVocabulary for Event Recording and Incident Sharing (VERIS)Jan 2010 - Current (16 years 6 months)The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. VERIS targets this problem by helping organizations to collect useful incident-related information and to share that information - anonymously and responsibly - with others. The overall goal is to lay a foundation from which we can constructively and cooperatively learn from our experiences to better measure and manage risk.
Publications
verified_user
0% verified
- 2015 Data Breach Investigations ReportVerizonApr 2015The 2015 DBIR expands its investigation into nine common threat patterns and sizes up the effects of all types of data breaches, from small data disclosures to events that hit the headlines. This year deviates from previous years in that we stray from just discussing data breaches and investigate other topics for cyber security including mobile device security, threat indicators and a ground breaking analysis on on the impact of data breaches.
- 2014 Data Breach Investigations ReportVerizonApr 2014The 2014 Data Breach Investigations Report (DBIR) casts new light on threats — taking 10 years of forensic data and finding that 92% of these can be categorized into nine basic attack patterns. This approach also helps identify primary threats to your industry, which you can analyze to reinforce your defenses.
- Data-Driven Security: Analysis, Visualization and DashboardsWileyFeb 2014Uncover hidden patterns of data and respond with countermeasures Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions.
- 2013 Data Breach Investigations ReportVerizonApr 20132012. Perhaps more so than any other year, the large scale and diverse nature of data breaches and other network attacks took center stage. But rather than a synchronized chorus making its debut on New Year’s Eve, we witnessed separate, ongoing movements that seemed to come together in full crescendo throughout the year. And from pubs to public agencies, mom-and-pops to multi-nationals, nobody was immune. As a result—perhaps agitated by ancient Mayan doomsday predictions—a growing segment of the security community adopted an “assume you’re breached” mentality. All in all, 2012 reminded us that breaches are a multi-faceted problem, and any one-dimensional attempt to describe them fails to adequately capture their complexity. The 2013 Data Br
- 2012 Data Breach Investigations Report Industry SnapshotsVerizonJan 2012We took another look at the data from our 2012 Data Breach Investigations Report (DBIR) and analyzed it across a number of industries: Financial and Insurance, Healthcare, Accommodations and Food Service as well as Retail. We also reviewed cases where Intellectual Property was stolen, regardless of the industry, to analyze the attack methods and data stolen. This is relevant to a variety of organizations, but may be of particular interest for the public sector, manufacturing, or high tech industries.
- 2012 Data Breach Investigations ReportVerizonMar 2012This year our DBIR includes more incidents, derived from more contributors, and represents a broader and more diverse geographical scope . The number of compromised records across these incidents skyrocketed back up to 174 million after reaching an all-time low (or high, depending on your point of view) in last year’s report of four million . In fact, 2011 boasts the second-highest data loss total since we started keeping track in 2004. Once again, we are proud to announce that the United states secret service (Usss) and the Dutch national High Tech Crime Unit (nHTCU) have joined us for this year’s report . We also welcome the australian federal Police (afP), the Irish Reporting & Information security service (IRIssCeRT), and the Police Cen