5 Insights From the 2018 Verizon DBIR

The 2018 Data Breach Investigations Report digs deep into data-driven findings about the state of global cybersecurity across a number of industries that include manufacturing, healthcare, financial and public administration. Verizon’s 11th annual report revealed the trends behind 53,000 cybersecurity incidents and 2,216 confirmed data breaches. As Verizon puts it, “The DBIR was created to provide a place for a security practitioner to look for data-driven, real-world views on what commonly befalls companies with regard to cybercrime.”

Biggest Threat Actors

If you only read headlines, you’d believe that most cybercrime comes from independent hackers or nation states. Organized crime was behind 50% of all breaches, leveraging established tactics. If you’re picturing a Mob Boss in the command line, you are not alone. It’s a strange image. But if it makes you feel any better, these operations are not exactly leading new strategies. They often use established procedures and techniques. If your organization uses best practices or frameworks like MITRE ATT&CK, you’ll be fine.

What about phishing? Phishing remains a significant problem, as a bank found out when their cybersecurity insurance refused to pay out for two phishing scams. Contrary to popular belief, most people do not fall for phishing. Those that do, however, are more likely to click phishing emails in the future.

Espionage in Manufacturing

Eighty-nine percent of threat actors in manufacturing are external after valuable intellectual property. However, insider threats are still an issue, as Tesla learned earlier this year. Elon Musk’s electric car company enlisted the help of its lawyers to sue a former employee for allegedly stealing manufacturing secrets. The good news: these numbers are down from 2017. Shady companies will use competitor secrets to make their own goods.

Malicious hackers aren’t only after money; some have a bit of national pride. Governments want (Read more...)