Now in its 11th installment, Verizon’s Data Breach Investigations Report (DBIR) is a must-read for cybersecurity professionals across the globe. The 2018 edition dives deep into more than 53,000 real incidents and 2,216 confirmed data breaches with the ultimate goal of informing defenders on the threats they face and how to protect against them.

The 68-page report is available for download here, but if you’re looking for the key takeaways, we’ve highlighted some of this year’s key findings below.

The Big Picture

Outsiders were behind the majority of cyberattacks last year (73 percent). Organized crime groups carried out 50 percent of all data breaches, while 12 percent involved nation-state or state-affiliated actors. Meanwhile, 28 percent of data breaches were perpetrated by internal actors. Nine out of 10 times, the main drivers motivating them were financial gain and espionage.

DBIR, pg. 5

Breach Timeline

It takes cybercriminals just minutes, or even seconds, to compromise a system – but only three percent of compromises are discovered as quickly. Sadly, this year’s report shows that two-thirds (68 percent) of attacks went undiscovered for months or longer.

Tim Erlin, VP of Product Management & Strategy at Tripwire, believes that faster recovery begins with monitoring for changes on the network:

It may seem trite, but every incident begins with some kind of change. Organizations shouldn’t underestimate the value of being able to detect changes in their environment and make sense of them. Start by understanding what you have, then by ensuring it’s deployed securely, and follow up with monitoring for changes. If you need an independent third party to justify these controls, the CIS 20 critical security controls does exactly that.

DBIR Executive Summary, pg. 6

Social Attacks

Unfortunately, humans are still considered the weakest security link, something organizations should be wary of when ...