Insights From Verizon’s Data Breach Investigations Report

In early spring, while many people are anticipating the return of warm weather and blue skies, the information security industry is looking forward to the release of Verizon’s annual Data Breach Investigations Report (DBIR).

Published since 2008, DBIR is a data security reference guide, playbook and bible. Global in scope, the report analyzes thousands of confirmed data breaches and security incidents, sorts out the trends, and provides best practice guidance that informs the industries’ approach to cyberthreats and digital security.

This year’s report includes the obligatory alarming statistics, among the most eye-opening being that in 60 percent of investigated incidents attackers were able to compromise a target network within minutes.

Equally interesting, the majority of the 79,790 incidents and 2,122 data compromises from 61 countries that were analyzed in DBIR 2015 were attributable to just nine attack patterns. 96% of the breaches were attributed to point-of-sale intrusions and payment card skimmers, “crimeware”(malware), insiders, Web app attacks; denial-of-service attacks, and cyberespionage.

The majority of data breaches are point-of-sale attacks (28.5%), while malware (18.8%) and cyber-espionage are tied for the #2 spot.

And here’s another amazing stat – the DBIR reported that 70-90% of malware samples are unique to an individual organization. Educational institutions are getting hit the most with 2,332 malware events per week on average, compared to the financial sector which sees only 350 malware events per week. This doesn’t mean that financial is a less attractive target than universities, but that the financial industry is probably doing a much better job of filtering out threats.

The top three industries affected by security issues and breaches are the same as previous years: Public, Technology/Information, and Financial Services. (The Public sector experienced 50,000 security incidents and 300 confirmed breaches; the Information industry saw nearly 1,500 security incidents and about 100 confirmed data breaches. Financial Services organizations were hit with about 650 security incidents and close to 300 compromises.

And sadly, phishing still works, with 50% of users opening emails and clicking on those malicious links. So it’s not surprising that “The common denominator across the top four patterns – accounting for nearly 90% of all incidents – is people” (DBIR, pg. 32).

BAI-Logo