Verizon's annual report on data breach investigations confirmed 3,950 data breaches in 16 industries. Tom Merritt explains five things you should know about these violations.
Verizon has just released its annual Data Breach Investigations Report (DBIR). The company reviewed 32,002 security incidents and confirmed 3,950 data breaches across 16 industries. These reports will help you gain some insights to protect yourself. Below is five pieces of information from the DBIR report that should inform you about data breaches.
It comes from the company. Internal error-related violations have doubled to the highest level so far. Part of this may be due to improved reporting thanks to laws such as the GDPR. Some, but not all.It gets personal. Email addresses, names, phone numbers, etc. Personal data was involved in 58% of violations, again twice as often as in the previous year. However, improved reporting could account for part of this increase.
It's because people. More than 67% of the violations were due to theft of credentials such as phishing, social attacks or just human error. Increased reporting or no, the percentage we are responsible for has remained constant.
It's moving on the web. Attacks against web apps have doubled and are part of 43% of violations. This makes sense when we switch to web apps that the attackers are following. Vulnerabilities accounted for less than 20% of violations. The majority were ID cards that were either brutally enforced or stolen.
It's all about money. Corporate espionage accounts for 10% of violations. 86 percent are financially motivated and these headline-grabbing advanced threats? Four percent.
No, it's not good news, but it shouldn't be. The DBIR is like going to the doctor – you know they will tell you to do more exercise and improve your diet, but you always want to look for the changes that have occurred since the last exam so that you hopefully turn away can do the really bad things.
Subscribe to TechRepublic Top 5 on YouTube Find the latest technical advice from Tom Merritt for business professionals.
Cybersecurity Insider Newsletter
Strengthen your company's IT security defenses by keeping up to date with the latest cybersecurity news, solutions, and best practices.
Delivery on Tuesdays and Thursdays
Sign up today
Image: Getty Images / iStockphoto