The Verizon 2017 Data Breach Investigations Report is out and the news is grim. The Report collected data from sixty-five (65) organizations throughout the world and analyzed 42,068 incidents and 1,935 breaches from 84 countries. The top three industries targeted for cyber breaches are financial services, healthcare and the public sector. Here are just some of the Report’s highlights:
- Cyberespionage and ransomware attacks are increasing. There was a 50% increase in ransomware attacks.
- Malware continues to be a problem. 51% of the data breaches involved malware.
- Criminals are still using phishing as a technique to get access to a victim’s computer. One in 14 users falls victim to a phishing attack.
- Pretexting through emails and phone calls targeting financial departments is on the rise.
- Smaller organizations, those with fewer than 1,000 employees, made up 61% of the victims analyzed.
- 62% of breaches involved hacking.
- 81% of hacking-related breaches involved stolen or weak passwords.
Companies can protect themselves by putting a cyber plan in place. That cyber plan should include: (1) training employees on how to spot and report questionable emails; (2) promptly patching computers with all security updates and encrypting emails and other data; (3) having and following a back-up plan for all company data; and (4) putting data loss prevention controls in place to identify and prevent improper transfer of data by employees.
These are just a few recommendations that companies should follow in protecting against cyber breaches. The Verizon 2017 Data Breach Investigations Report is long, but worth the read for risk managers and consultants advising on cyber breaches.