Last week, I covered the jump in nation-state-affiliated data breaches. Today, I am ready to take on the overall highlights of the Verizon 2019 Data Breach Investigations Report (DBIR).
The report is based on a detailed analysis of 41,686 security incidents, including 2,013 confirmed data breaches.
Who is behind the attacks?
- 69% involved outsiders
- 34% involved internal actors
- 2% involved partners
- 5% featured multiple parties
- 39% of breaches involved organized criminal groups
- 23% involved nation-state or state-affiliated actors
What actions are being used?
- 52% of breaches involved hacking
- 33% included social attacks
- 28% involved malware
- 21% of breaches involved human error
- 15% involved misuse by authorized users
- 4% of breaches involved physical actions
Who are the data breach victims?
- 16% public sector entities
- 15% healthcare organizations
- 10% financial organizations
- 43% small businesses
Key takeaways?
- C-level executives were 12 times more likely to be the target of social incidents and 9 times more likely to be the target of social breaches than they were previously.
- As businesses move to the cloud, there has been an increase in hacking cloud-based email servers using stolen credentials.
- Payment card web application compromises are well on their way to exceeding physical terminal compromises in payment card related breaches.
- Ransomware is still going strong, accounting for nearly 24% of incidents where malware was used. Other threats that are frequently hyped (such as cryptomining) accounted for only 2% of malware and seldom appeared in the DBIR data set.
- Physical terminal compromises in payment-card-related breaches are decreasing. This may signal an emerging victory for the rollout of chip-and-PIN payment technology.
- The data set showed six times fewer Human Resources personnel being impacted compared to last year. This correlates with W-2 tax form scams almost disappearing from the DBIR data set.
- Click-through rates on phishing simulations fell from 24% to 3% during the past seven years. However, it is notable that 18% of people who clicked on test phishing links did so on mobile devices.
Overall, very interesting. I am now left with the task of updating all my DBIR PowerPoint slides. And it would appear that, as ever, the cybersecurity landscape has had some significant changes.
Email: snelson@senseient.com Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson