Verizon has today published its yearly report on business data breach investigations. Key stats included:
- 86 percent of data breaches for financial gain – up from 71 percent in 2019
- Cloud-based data under attack – web application attacks double to 43 percent
- 67 percent of breaches caused by credential theft, errors and social attacks
- Clearly identified cyber-breach pathways enable a “Defender Advantage” in the fight against cyber-crime
- On-going patching successful – fewer than 1 in 20 breaches exploit vulnerabilities
- Report analyzes 32,002 security incidents and 3,950 confirmed breaches from 81 global contributors from 81 countries
Verizon @VerizonBusiness releases 2020 Data Breach Investigations Report #DBIR, just posted at midnight ET: https://t.co/WbPL4VouXh
— Christian Beckner (@cjbeckner) May 19, 2020
Expert Comments
The most commonly exploited web app vulnerabilities, according to Verizon’s report: SQL injection and PHP injection vulnerabilities.
The findings from the Verizon report demonstrate that, as an industry, we are spending more time reacting to threats rather than proactively taking steps to ensure assets are secure before they go to market. This is why it’s crucial to think about security as early as when developers are actually coding applications. The technology to provide Code Security feedback throughout software development workflows exists, and not only will it help organizations prevent future incidents, it will also.....
Secure access control to data and systems is fundamental to building this end-user trust.
The fact that 37% of breaches stole or used credentials highlights the need for businesses and organizations to provide their end-users with a secure mechanism for accessing systems and data that doesn't rely on passwords alone. With more and more of our lives becoming digital, securing and protecting our digital identities and lives will come more into focus. Businesses and organizations who demonstrate good security practices to their end-users will remain at a distinct advantage. Secure access control to data.....
Legacy, outside-in DevOps security is failing. A new approach is needed.
Web applications are a growing focus point for cyber criminals. Motivated by financial outcomes, they understand the value of the information exchanged and stored in web applications. The 2020 Verizon Data Breach Investigations Report (DBIR) confirms that this is the case: 43% of data breaches are tied to web application vulnerabilities—which more than doubled year over year. Legacy, outside-in DevOps security is failing, and a new approach is needed that takes an inside-out approach.
Menlo Security CTO shares insights and forecast for Verizon DBIR findings
No matter what the industry does, attackers seem to be able to stay one step ahead. Attackers appear to be utilizing the same methods with a varying mix depending on what defenses are in place. One thing that is clear is that the industry has not solved the phishing problem, as it remains the top attack vector. It seems that no amount of AI or detection algorithms is able to combat a well-written email that is delivered to a user on a topic that is of interest.
With the current remote.....
Whitehat hacking can be an advantageous way to mitigate exploits and improve organizations' cyber postures.
The 2020 Verizon Data Breach Investigations Report (DBIR) is a yearly staple for the security industry, and this year's report is no exception. According to the report, 43% of breaches were attacks on web applications, more than doubling the results from last year. Organizations need to understand the importance of knowing their infrastructure because web applications provide easy entry points for cybercriminals. Web applications are what we interact with as users, but it's more than that: The.....
Now is the time to reinforce our cloud- and internet-connected systems with robust protection, detection, and recovery systems.
Drilling down into Verizon's 2020 version of the DBIR tells us two things: One, the number of incidents and data breaches is snowballing year-on-year, confirming the trend that digital transformation will result in threat vectors compounding and growing in number. And two, hacking for financial gain has taken precedence over malware and other low-impact techniques as the primary motivator for malicious actors.
The need for heightened security infrastructures for all systems (internal,.....
Ransomware increased by 2.6% from last year, landing at number three among the most common malware breaches.
The findings in the Data Breach Investigations Report (DBIR) 2020 show that while attack vectors may fluctuate over time, cybercriminals often set their sights on low-hanging fruit. Zero-days may garner most of the attention, but foundational cyber hygiene issues enable most breaches. The motivation for cybercriminals is primarily financial. As the Cybersecurity and Infrastructure Security Agency (CISA) recently underscored in a recent report about the top 10 routinely exploited.....
The DBIR offers a lot of information for security professionals to digest.
The DBIR offers a lot of information for security professionals to digest. One way to use it is to understand how your industry is represented, see the sorts of actors and events that affect your industry, and be sure your organization’s risk model and countermeasures mitigate the concerns reported by the DBIR.
The industry analysis provided by the DBIR is invaluable.
We often think of ransomware as a breach, but the DBIR categorizes most ransomware activity as an incident because while you may have lost access to the data, the attacker hasn’t actually stolen it. While that may give you some comfort, it doesn’t mean that a ransomware incident is materially less impactful to the security folks who have to deal with it.
The fact that “misconfiguration” is in the top five action varieties for breaches is an important acknowledgment that not all.....
Web applications are the most common hacking vector through which criminals obtain stolen credentials.
The report dispels many commonly held misconceptions about how and why data breaches happen. Many breaches and data incidents are easily preventable.
Most breaches are perpetrated by organised crime and are financially motivated, not by internal sources. Hacking through the use of stolen credentials, phishing, and errors top the list of actions that lead to breaches.
Web applications are the most common hacking vector through which criminals obtain stolen credentials.
Although.....
Machine learning-based security analytics immediately detects compromised accounts because the behavior deviation is so telling.
Looking at these results, we see that organized crime is the top actor, credential theft remains a top threat, and financially motivated breaches are most common. Criminal enterprises are stealing credentials instead of using extortion for financial gain. Between phishing, social engineering, and a broad range of hacks, it's easy for thieves to get someone's credentials and access a system as them. But it's radically more difficult to act like them once they're inside.
Machine learning-based.....
The 2020 edition of the Verizon DBIR highlights the top actions for breaches, which continue to be credentials, misconfiguration and phishing.
The 2020 edition of the Verizon DBIR highlights the top actions for breaches, which continue to be credentials, misconfiguration and phishing. Credentials are still the favorite attack surface, and within the past three years, the range fluctuates between 75% and 81%.
A reduction in malware is aligned with the previous year’s trend and is a function of the risk balloon getting squeezed as alternative attacks reward balance out. If you think about this January alone, and weigh in the key breaches.....
Contributing to the Verizon DBIR helps us as an industry move the dial in a positive direction.
Contributing to the Verizon DBIR helps us as an industry move the dial in a positive direction. We can't improve what we can't see.
The idea of "the great and good" in the industry contributing together provides a realistic snapshot of what matters in cybersecurity today. I'm very proud of and grateful to the folks in VDBIR for all their hard work.
The report shows the Great Digital Train Robbery is alive and well.
The report shows the Great Digital Train Robbery is alive and well. External, multi-faceted and industrialized hacking continues to pepper large enterprises at 72% of overall victims. It’s no surprise that web application patterns, around 45% of attacks, expose technology services firms, retail, financial and insurance services and professional services most to compromise. They are the highest aggregators of highly sensitive data with substantial 3rd party data sharing risk.
Personal data.....
There is also a common misconception that enterprises need to be most wary of phishing attacks.
While it’s a positive shift to see this year’s Verizon Data Breach Investigations Report (DBIR) reflect the security challenges of small businesses, there is much more work to be done to extrapolate major trends from more comprehensive SMB data. From our work with managed service providers (MSPs) who provide outsourced IT to hundreds of thousands of SMBs, we know that only 407 incidents in one year is startlingly low. In fact, in just the last week, we were informed of a single network.....
The report clearly shows that defence in depth is just as important as ever.
It is interesting to note that 45% of breaches occur due to hacking, and 22% went via targeting a user or employee. The attackers then on average need fewer than 4 further steps in 90% of the attacks, but most do indeed require more than a single step.
This shows clearly that defence in depth is just as important as ever.
The study shows that vulnerability management of internet facing systems is successful in most organizations, but that for those who do not address this, it is an.....
Errors — mostly misconfigurations of resources — continue to be on the rise as more and more data sets are left openly exposed.
This report further goes to show that attackers do not have to be sophisticated to be effective. We see that only 45% of all breaches in this report involved some kind of traditional hacking and only 4% of the breaches in total had more than four attacker actions. Simple, low-hanging fruit for financial gain continues to dominate this space and shows where so much of our security posture can be improved with user education and basic, industry-standard security practices.
Phishing and trojans.....