It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report!

If “experience is merely the name men gave to their mistakes,” as Oscar Wilde puts it in The Picture of Dorian Gray, then the more we know about the threats we face and how we react to these threats, the better our chances are of keeping our data secure and our company’s name out of the headlines for all the wrong reasons.

This year, the report analyzes 32,000 incidents, of which 3,950 were confirmed data breaches. New in this edition, the findings are broken down into 16 industry verticals and aligned with the MITRE ATT&CK framework and CIS Controls.

So without further delay, let us dive into the key report findings featuring commentary by Tim Erlin, VP of Product Management and Strategy at Tripwire.

Key Findings

  • Many believe shady internal actors to be the most common cause of breaches, but the DBIR’s data shows that 70% of breaches this year were caused by outsiders.
  • 86% of breaches were financially motivated, although espionage and advanced threats tend to receive the most buzz.
  • Credential theft, social attacks (i.e., phishing and business email compromise) and errors caused the majority of breaches (67% or more).
  • Ransomware accounted for 27% of malware incidents, and 18% of organizations blocked at least one piece of ransomware.
  • Attacks on web apps were a part of 43% of breaches, more than double the results from last year. As workflows move to cloud services, it makes sense for attackers to follow. The most common methods of attacking web apps involved the use of stolen or brute-forced credentials.
  • Personal data is getting