Experts Responses on Verizon DBiR Findings

Verizon has released its Data Breach Investigation Report (DBiR) for year 2021. With 29,207 quality incidents analysed, of which 5,258 were confirmed breaches, the DBiR provides a comprehensive snapshot of the state of cybersecurity globally. Among the key stats were an 11% increase in phishing attacks, a 6% increase in ransomware, and the finding that a staggering 85% of breaches involved a human element. 

Experts Comments

May 18, 2021
Niamh Muldoon
Senior Director of Trust and Security EMEA
OneLogin

The Verizon DBIR report has reinforced what most of us already know. That is, cyber threats are growing in frequency, particularly as most of us are working remotely. We cannot forget though, the people and teams working hard every day to protect our businesses which are already under significant financial pressures in today’s tough economic environment. Indeed, our recent IAMokay Mental Health Survey, which included 250 tech leaders across the globe, revealed that more than 77% of respondents

.....Read More

The Verizon DBIR report has reinforced what most of us already know. That is, cyber threats are growing in frequency, particularly as most of us are working remotely. We cannot forget though, the people and teams working hard every day to protect our businesses which are already under significant financial pressures in today’s tough economic environment. Indeed, our recent IAMokay Mental Health Survey, which included 250 tech leaders across the globe, revealed that more than 77% of respondents believed the pandemic has increased their work-related stress. When asked about their workload, 86% of respondents reported their workload increased during the pandemic. The stress that our security teams bear should not be neglected. All organisations must ensure they are looking out for the mental health and wellbeing of these teams if they hope to effectively defend themselves from bad actors. One critical step organisations can take to prevent breaches as well as reduce stress and strain on security operations teams is to streamline access control.

  Read Less
May 14, 2021
Chris Clements
VP
Cerberus Sentinel

Phishing continues to be a potent weapon for cybercriminals to breach their victims. It’s a numbers game in which attackers can send thousands of emails varying their approach to bypass phishing filters. It’s only a matter of time before some get through to end user’s mailboxes and fool them into divulging account credentials or opening a malicious attachment.

 

Ransomware continues to be a pervasive scourge on organizations of all verticals. The meteoric rise of cryptocurrency has effectively,

.....Read More

Phishing continues to be a potent weapon for cybercriminals to breach their victims. It’s a numbers game in which attackers can send thousands of emails varying their approach to bypass phishing filters. It’s only a matter of time before some get through to end user’s mailboxes and fool them into divulging account credentials or opening a malicious attachment.

 

Ransomware continues to be a pervasive scourge on organizations of all verticals. The meteoric rise of cryptocurrency has effectively, if inadvertently, monetized every network in the world for cybercriminals. Their continued success in extorting victims across the globe has provided these criminal operations with budgets that are larger than most of the organizations they target. These budgets allow them to acquire talented hackers as well as custom zero-day exploits that make them incredibly successful in quickly compromising entire computer networks. With these resources, often all that is necessary for these attackers to succeed is for a single successful phishing email to land or acquiring one compromised account password.

 

Cloud environments are popular new vectors for attack as organizations rush to take advantage of nearly limitless scalability, however, they can also expose massive amounts of data if administrators do not understand the ins and outs of the particular cloud platform or are moving what was previously protected by their on-premises network firewall to the publicly accessible cloud.

 

To remain secure in today’s threat landscape organizations must adopt a culture of security, starting with the awareness that every business is actively targeted by cybercriminals on a daily basis and that absent this cultural approach can suffer potentially catastrophic damages stemming from loss of operations, data theft, ransomware, and reputational harm. This cultural process starts with education and awareness initiative targeted at all personnel roles from executive leadership to line of business employees to understand their role in protecting the organization. Further, adoption of security hardening best practices, ongoing monitoring for suspicious behavior, and regular testing to ensure that no gaps have been missed are critical for surviving modern threat actors.

  Read Less
May 14, 2021
Mark Bower
Senior Vice President
comforte AG

The numbers don’t lie –83% of breaches in the financial and insurance sector involved personal data,  more than any other sector. With regulatory changes oriented around fresh data privacy requirements and pending NACHA compliance enforcement over payment and personal data, modern data privacy compliance has to be a top agenda item as the sector continues its cloud-transformation journey, collecting more powerful yet regulated data than ever in the process.

May 14, 2021
James McQuiggan
Security Awareness Advocate
KnowBe4

"Phishing is responsible for the vast majority of breaches in this pattern, with cloud-based email servers being a target of choice." - VDBIR 2021

For the past several years, this report has repeatedly shown that phishing or other social engineering is the initial attack vector for the breach. Cybercriminals are evolving their social engineering attacks through creative means. Whether it's a password reset to a social media account, or having kits that can automatically insert the logo of the

.....Read More

"Phishing is responsible for the vast majority of breaches in this pattern, with cloud-based email servers being a target of choice." - VDBIR 2021

For the past several years, this report has repeatedly shown that phishing or other social engineering is the initial attack vector for the breach. Cybercriminals are evolving their social engineering attacks through creative means. Whether it's a password reset to a social media account, or having kits that can automatically insert the logo of the target company, or even misinformation about the gas shortage and where to find gas have caused people to fall for the phishing lures of curiosity, fear, or greed.



Organizations will need to continue to take the necessary steps to increase security awareness training. Still, the gap between awareness and action to protect the organization is the next step of improving the organization's security culture and having cybersecurity on the mind of all users.

  Read Less
May 14, 2021
Baber Amin
COO
Veridium

There were 3.3 Billion malicious login attempts.  Think about that.  World population is 7.6B, 61% of breaches involved credential data. This is why we and other experts urge organizations to use passwordless authentication.

 

You cannot attack, steal, reuse, share, write down or divulge, something you don’t have. No password means no phishing, no credential stuffing, and no human error from forgotten passwords, shared passwords, reused passwords or weak passwords.

 

This report underscores

.....Read More

There were 3.3 Billion malicious login attempts.  Think about that.  World population is 7.6B, 61% of breaches involved credential data. This is why we and other experts urge organizations to use passwordless authentication.

 

You cannot attack, steal, reuse, share, write down or divulge, something you don’t have. No password means no phishing, no credential stuffing, and no human error from forgotten passwords, shared passwords, reused passwords or weak passwords.

 

This report underscores that context aware multi factor authentication that is risk aware, and minimized human error needs to be adopted and deployed broadly. These findings show why we urge organizations to implement intelligent passwordless authentication that is all inclusive with the largest possible support for authenticators.

 

More remote workers, more applications in the cloud, more business logic available via API, more distractions, more accounts all lead to credential overload and cognitive overload. This credential overload causes humans to make mistakes, whether they are clicking on phish bait, or reusing credentials, or sharing sensitive information via open channels. As an industry, we need to help reduce the cognitive overload that comes from multiple credentials and multiple accounts.

 

A lot of the attacks mentioned also interlink.  E.g. a phishing email can lead to credential exposure, to credential stuffing, to malware installation, and then to ransomware. Credentials are the pivot point of the problem.

  Read Less
May 14, 2021
Tom Garrubba
Senior Director and CISO
Shared Assessments

This report continues to provide eye-opening details of the perilous world organizations must operate in and it appears to be getting worse. As we all see a flood of breaches soaking various industries, organizations need to realize the importance of preparation and practice against such cyber threats. You, your vendors, and your supply chain, must make every attempt to ensure you possess a cyber “A-game” and review the efficacy of critical cyber processes such as access assignments,

.....Read More

This report continues to provide eye-opening details of the perilous world organizations must operate in and it appears to be getting worse. As we all see a flood of breaches soaking various industries, organizations need to realize the importance of preparation and practice against such cyber threats. You, your vendors, and your supply chain, must make every attempt to ensure you possess a cyber “A-game” and review the efficacy of critical cyber processes such as access assignments, monitoring, and log reviews constantly to identify vulnerabilities. Whether it is an outside or an inside threat, the tide of cyber attacks is not receding and it may soon be your time to sink or swim

  Read Less
May 13, 2021
Sam Curry
Chief Security Officer
Cybereason

The Internet is growing, usage by even longtime users is growing, business online is growing, so it's not a shock at all that the dark side of the Internet is growing too. No one should be surprised by this. But there are two remarkable things to pick out of the noise. First, that the dark side is growing faster and getting better at their craft than the light side. In other words, asymmetry in cyber conflict is more and more favouring attackers as they hone their skills and tools. Second, that

.....Read More

The Internet is growing, usage by even longtime users is growing, business online is growing, so it's not a shock at all that the dark side of the Internet is growing too. No one should be surprised by this. But there are two remarkable things to pick out of the noise. First, that the dark side is growing faster and getting better at their craft than the light side. In other words, asymmetry in cyber conflict is more and more favouring attackers as they hone their skills and tools. Second, that some forms of attack are in hyper-growth with two standouts: ransomware and supply chain attacks. These trends aren't going to slow, so it demands that businesses really bridge the security-business divide and take the right steps to ensure future safety and growth. There are ways to prepare now, to get prevention in place, to enable a detection strategy, and to develop resilience and recovery in peacetime. Companies can reduce the likelihood and the impact of attacks to acceptable levels and must do so if they hope to compete in the remainder of the 21st century.

  Read Less
May 13, 2021
Dan Conrad
Field Strategist
One Identity

The last year has been an interesting transition for the concept of cybersecurity and, based on this information, protecting the identity and credentials of people and systems is now spotlighted.   

 

"85 percent of breaches involved a human element” – again, Identity is the security perimeter.  We MUST find ways to protect us from ourselves.  With that, I believe there is a shift in the mindset of the employee and consumer where they are starting to appreciate the protection of their own

.....Read More

The last year has been an interesting transition for the concept of cybersecurity and, based on this information, protecting the identity and credentials of people and systems is now spotlighted.   

 

"85 percent of breaches involved a human element” – again, Identity is the security perimeter.  We MUST find ways to protect us from ourselves.  With that, I believe there is a shift in the mindset of the employee and consumer where they are starting to appreciate the protection of their own credentials.  If we can protect our enterprises from our employees by simply embracing enhanced authentication (a.k.a. multifactor) then we are taking the right steps to protect our enterprises and adjusting the mindset of the user.  In the new world of remote workers accessing everything from everywhere, anytime, ensuring they are who they say they are is critical.

 

This concept applies to the 11% uptick in phishing attacks.  These attacks are specifically trying to get credentials, particularly usernames and passwords.  So if we protect enterprises with MFA, the consequences of a user providing their credentials to a malicious actor are much less relevant.  All of these concepts are actionable and provide direct results.  Given, measuring the number of times your data wasn’t compromised is difficult.

  Read Less
May 13, 2021
Eoin Keary
CEO and Cofounder
Edgescan

With the DBiR report, the team at Verizon provide an invaluable service to the security community across the globe, and we are delighted to have been part of the effort for the third year running.

 

While it’s hard to establish causality, the data in the report confirms the impression that attackers certainly aren’t hindered in their efforts by global crises and are ready to opportunistically exploit any gap in the fence to pursue their objectives. For this reason, it is ever more important

.....Read More

With the DBiR report, the team at Verizon provide an invaluable service to the security community across the globe, and we are delighted to have been part of the effort for the third year running.

 

While it’s hard to establish causality, the data in the report confirms the impression that attackers certainly aren’t hindered in their efforts by global crises and are ready to opportunistically exploit any gap in the fence to pursue their objectives. For this reason, it is ever more important for the cybersecurity industry to come together and join forces to fight the challenges facing organisations today.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.