The 2019 Verizon Data Breach Investigations Report (DBIR) was released at the end of May. The report provides an overview of data and statistical research on cyber threats and the potential defenses to counteract them. Its overall goal is to provide information and suggestions relating to protection as well as cyberattack recovery. This year’s report was the most extensive review yet conducted, tracking 41,686 security incidents around the world, including 2,013 data breaches from 86 countries and 73 data sources, and even including security incidents reported to the FBI.
The main message of the 2019 DBIR is that “the absence of foundation-level and layered security controls, international security discipline, and general security awareness are the common denominators in the data breach dilemma.” The report further noted that small businesses accounted for 43 percent of all data breaches, with public sector entities (15 percent), healthcare organizations (15 percent), and financial services companies (10 percent) also experiencing a significant number of attacks. The main motive for data attacks appeared to be financial gain (71 percent), and the report indicated that large organizations faced large ransom fees for the return of their hacked data. Moreover, research found that outsiders accounted for 69 percent of cyber incidents and that nation-states and state-sponsored hackers are beginning to play a much greater role in global security incidents. In fact, nation-states and state-supported hackers were linked to 23 percent of incidents this year, and 39 percent of attacks were linked to criminal groups.
The 2019 DBIR also discussed the “detection deficit” as a continuing issue. This deficit is the time between an attack on an internal system and the discovery of that attack. According to the report, the time to discover attacks is still too long: 56 percent of breaches took months to discover. The report notes that while attacks occur within mere minutes, discovery normally does not occur for months, and that enhanced security measures must be taken to narrow this gap. The DBIR also found that “C-suite officials” emerged as a new target this year. According to the report, company executives were six times more likely to be the focus of a cyberattack than in the prior year, and are 12 times more likely to be the victim of a business email compromise attack. The DBIR believes that these officials are generally time-pressed and unlikely to spend as much time examining who an email is coming from and determining whether it is legitimate.
Finally, the report noted that attackers are continuing to move towards the areas that offer them the least resistance, leveraging stolen credentials to target “card not present” web applications where users make payments. Overall, the DBIR highlights where companies are most at risk and how they should be looking to protect themselves. Organizations of all sizes can be compromised; they need to ensure that their employees know how to protect themselves and that safeguarding measures are actually implemented.