The annual Verizon Data Breach Investigations Report, commonly known as the DBIR, was just released for 2018.  As usual, it’s packed with useful information about data breaches – why they happen, who is perpetrating them, how they are getting in, and what they are trying to accomplish.  

Not surprisingly, the #1 cause of data breaches was “Use of stolen credentials.” Also called “hacking” in the DBIR, threat actors routinely target credentials for theft, often using phishing emails or social engineering as a method of acquiring usernames and passwords.  For hackers, using legitimate credentials is not only an effective way to initiate a breach, but also to go undetected for longer periods of time as they move laterally across a network, escalating privileges, accessing systems, and exfiltrating data. 

Also high on the list of breach actions, at #4, was “Privilege Misuse.”  Privilege misuse occurs when insiders, such as employees or contractors, use their legitimate privileged credentials to access data or systems beyond the scope of their job role, with the purpose of malicious use of organizational resources.  Unintentional misuse, due to employee error, can result in a data breach as well.

The DBIR focuses on how different industries vary in their risks and how they are targeted, but use of stolen credentials and privilege misuse universally impact diverse industries.  Privileged Access Management and Privileged Identity Management solutions such as Bomgar Privileged Access and Lieberman RED Identity Manager are security tools that are extremely effective in addressing these types of breach actions.  Using these solutions, organizations improve their security posture:

The DBIR can help you better understand how breaches can impact affected organizations, and Bomgar is ready to help reduce your risk of a breach by managing and controlling accounts and access while keeping your users productive.