Digesting the Verizon Data Breach Investigations Report 2017

The much anticipated 2017 Data Breach Investigations Report from Verizon was launched this week and once again it highlights some interesting and concerning security trends.

This is the tenth year the Verizon Data Breach Investigations Report (DBIR) has delved into the world of cyber security as it pulls together a comprehensive picture of cyber crime today.

So, what does this year’s DBIR tell us?

Unmasking the culprits

Of the 65 organizations Verizon surveyed, around 75% of breaches were perpetrated by outsiders or organized criminal groups (51%). However, the enemy within also can’t be ignored. Verizon found that 25% of breaches resulted from internal actors, malicious or otherwise. In 60% of these cases, insiders absconded with data in the hope of converting it into financial gain in the future.

Who is affected?

Financial organizations remained the main target for cyber crime. 24% of breaches affected the financial services sector. Elsewhere healthcare and retail both ranked towards the top of the hackers hit list, representing 15% of breaches each.

Means and methods

Verizon found the overwhelming majority of hacking-related cases related to stolen or weak passwords and over half of breaches (51%) included some form of malware. One of the standout statistics in this area was that 43% of breaches originated via social media, underlining how social engineering has become an effective weapon in the cyber criminal’s arsenal.

7.3% of users across multiple data contributors were successfully phished – whether via a link or email attachment. In a typical company with over 30 employees, around 15% of users who fell victim once also took the bait a second time.

What else do we know?

This year’s DBIR also uncovered how email attachments are proving a fruitful tactic. 66% of malware was installed via malicious attachments.

Key learnings

From my own experience, and when we analyze many of today’s data breaches we often find a common pattern, or we can point to a common set of mistakes. Though the approach cyber criminals are taking is diversifying and becoming more sophisticated, the overall strategies remain unchanged. In fact, Verizon found that 88% of breaches in this year’s report fall into nine patterns it first identified back in 2014.

Unfortunately, many organizations are still failing to take appropriate action to address the gaps in their defenses. There remains a certain level of apathy which seems to be harder to eradicate than we’d like, as Verizon themselves identify, “No one thinks it’s going to be them. Until it is”.

We need to change that mentality, we need to move away from reacting to data breaches to proactively defending against them with the right mix of technologies that are fit for purpose, not outdated AV or firewalls. No matter what size your business, if you don’t have solid security foundations in place it will collapse.

You can learn more about how Defendpoint can proactively secure your business and defend against data breaches by visiting https://www.avecto.com/defendpoint or get in touch with one of our tech consultants for a software demo.