2020 Verizon Data Breach Investigations Report – The Findings
Last month Verizon released their annual Data Breach Investigations Report (DBIR) produced by the Verizon Threat Research Advisory Center (VTRAC), providing a snapshot of the current state of the fight against cybercrime, focusing specifically on data breaches. Now in its 13th year, the 2020 Verizon Data Breach report analyses 32,002 security incidents including 3,950 confirmed breaches, across 81 countries and 16 business sectors.
As an important tool for keeping security teams informed, we’ve pulled out the key findings from the report to help you to identify common attack vectors and patterns to review the security controls that will give you the best chance of preventing data breaches.
What’s New in the Report?
While the report continues along a similar vein to previous years, it has grown in its reach. The analysis included new industries and countries and for the first time ever looked at data breaches from a regional viewpoint. With new statistical processes and protocols and more data than ever, the 2020 report gives an extremely comprehensive analysis of global data breaches.
What Were the Key Findings?
As with previous reports, there are a lot of figures to try to digest. However, the report splits its key findings into three fundamental areas:
- The tactics – 45% of breaches featured hacking, 22% began with internal errors, and 22% included social attacks.
- The attackers – 70% of breaches were committed by external actors, 30% involved internal actors, and organised criminal groups were behind 55% of attacks.
- The victims – 81% of breaches were contained in days or less, 72% of breaches involved large businesses, and 58% of victims had personal data compromised.
What many attacks had in common was financial motivation, an incredible 86% in fact, up from 71% in 2019. Web applications were involved in almost half of the breaches, showing an increase in cloud-based data under attack, and common methods of attack included stealing user credentials, using ransomware and phishing.
The report highlights some key trends that we should all be mindful of. Firstly, attackers have continued to adapt in a world where businesses are making it more difficult for them. The findings indicate a reduction in the use of malware and a continued rise in social engineering and phishing. It is clear that the need for behaviour-based security is paramount to combat these modern attacks. After all, attackers will follow the path of least resistance, taking advantage of people and online opportunities.
Specific Industry and Regional Findings
The question we are all asking is how at risk our business is to a data breach. And, ultimately, the answer to that question is that we all are. The Verizon report has demonstrated that a significant percentage of breaches involved large companies, however, smaller businesses are far from immune. More and more small and medium-sized enterprises are using cloud and web-based applications, which makes them a prime target for today’s hackers. Regardless of the size of your business, phishing, social engineering, and web-based attacks are a real threat.
The 2020 report focused on the detailed analysis of 16 business sectors and showed there are differences across industries. Manufacturing saw a lower percentage of malware incidents, retail saw almost all breaches being financially motivated with payment data being a key prize, and finance saw a huge rise in web applications attacks due to the move to online services. In educational services, ransomware attacks doubled and in healthcare human error accounted for a larger percentage of breaches than in other industries. However, healthcare remains the industry with the highest volume of internal threat actors due to having broader access to credentials.
In terms of regional trends, North America swayed stolen credentials as the most commonly leveraged technique, Europe and the Middle East saw 40% of breaches targeted web applications using a combination of hacking techniques, and Asia Pacific saw a higher rate of phishing attacks.
How to Protect Your Business Against Data Breaches
While there are differences in the methods used, what we can deduce is that financial gain is the key driver of organised crime, increasing year-on-year. Cybercriminals aim to exploit system vulnerabilities and human error and will continue to do so. However, there is a lot that businesses can do to protect themselves. The Verizon report talks about the ability to track common patterns within cyber-attack journeys as a security game-changer.
As our businesses become ever-more dependent on remote working and web-based applications, end-to-end security becomes a must. We need to not only protect our systems from attack but to educate our employees to build our cybersecurity posture and defend ourselves from breaches.
To access the full report click here.
You may also be interested in reading our Responding to Cyber Attacks Executive Summary.
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help