
Some people think of Verizon as a local phone company and others think of it as their cell phone carrier, but the company does a lot more, and one of those things is cybersecurity.

Every year for the last twelve years, they have produced a very extensive Data Breach Investigations Report.  This report is based on their incident response business.  This year the report is based on 41,000 incidents plus 2,000 breaches.  While this represents a small percentage of the total incidents and breaches, it is still a large enough number to have statistical significance.

So what did Verizon find?

  • A quarter of all breaches were associated with espionage
  • C-Level executives were 12 times more likely to be the target of social incidents
  • C-Level executives were 9 times more likely to be the target of social breaches
  • Ransomware is the number two ranked malware type and represents 24% of the cases
  • Cyber-criminals were targeting cloud-based email accounts by leveraging stolen credentials (because many companies still do not force the use of multi-factor authentication)

Verizon says that espionage was a factor across most industries, so thinking that China or North Korea is not interested in the (______) industry only fools yourself, not the hackers.

Looking at the graph below, organized crime is still the major player in the game, but they are losing ground to state-affiliated actors, and those two groups dwarf everyone else.  I am not sure that helps because both groups have a LOT of money to throw at the problem.

[Image: vz-dbir-2019-sysadmin.png]

Verizon says that “card-present” credit card attacks are going down and e-commerce or “card-not-present” attacks are surging.  Part of this is due to the rise of e-commerce and the other part is due to chip-based cards making retail credit card attacks harder.

The cloud is leading to more breaches.  Simple to deploy does not mean the same thing as simple to deploy securely.

For those people who think they are too small to bother, Verizon says that 43% of breaches – almost half – involve small businesses.

Many companies will use the DBIR to tweak their security program – look at the data and see where they need to adjust their spending.  Protecting the C-Suite is definitely one place to spend.

The executive summary of the DBIR is available here.

The full DBIR is available here.