2020 Verizon Data Breach Investigations Report – The Findings

Last month Verizon released their annual Data Breach Investigations Report (DBIR) produced by the Verizon Threat Research Advisory Center (VTRAC), providing a snapshot of the current state of the fight against cybercrime, focusing specifically on data breaches. Now in its 13th year, the 2020 Verizon Data Breach report analyses 32,002 security incidents including 3,950 confirmed breaches, across 81 countries and 16 business sectors.

As an important tool for keeping security teams informed, we’ve pulled out the key findings from the report to help you to identify common attack vectors and patterns to review the security controls that will give you the best chance of preventing data breaches.

What’s New in the Report?

While the report continues along a similar vein to previous years, it has grown in its reach. The analysis included new industries and countries and for the first time ever looked at data breaches from a regional viewpoint. With new statistical processes and protocols and more data than ever, the 2020 report gives an extremely comprehensive analysis of global data breaches.

What Were the Key Findings?

As with previous reports, there are a lot of figures to try to digest. However, the report splits its key findings into three fundamental areas:

  • The tactics – 45% of breaches featured hacking, 22% began with internal errors, and 22% included social attacks.
  • The attackers – 70% of breaches were committed by external actors, 30% involved internal actors, and organised criminal groups were behind 55% of attacks.
  • The victims – 81% of breaches were contained in days or less, 72% of breaches involved large businesses, and 58% of victims had personal data compromised.

What many attacks had in common was financial motivation, an incredible 86% in fact, up from 71% in 2019. Web applications were involved in almost half of the breaches, showing an increase in cloud-based data under attack, and common methods of attack included stealing user credentials, using ransomware and phishing.

The report highlights some key trends that we should all be mindful of. Firstly, attackers have continued to adapt in a world where businesses are making it more difficult for them. The findings indicate a reduction in the use of malware and a continued rise in social engineering and phishing. It is clear that the need for behaviour-based security is paramount to combat these modern attacks. After all, attackers will follow the path of least resistance, taking advantage of people and online opportunities.

Specific Industry and Regional Findings

The question we are all asking is how at risk our business is to a data breach. And, ultimately, the answer to that question is that we all are. The Verizon report has demonstrated that a significant percentage of breaches involved large companies, however, smaller businesses are far from immune. More and more small and medium-sized enterprises are using cloud and web-based applications, which makes them a prime target for today’s hackers. Regardless of the size of your business, phishing, social engineering, and web-based attacks are a real threat.

The 2020 report focused on the detailed analysis of 16 business sectors and showed there are differences across industries. Manufacturing saw a lower percentage of malware incidents, retail saw almost all breaches being financially motivated with payment data being a key prize, and finance saw a huge rise in web applications attacks due to the move to online services. In educational services, ransomware attacks doubled and in healthcare human error accounted for a larger percentage of breaches than in other industries. However, healthcare remains the industry with the highest volume of internal threat actors due to having broader access to credentials.

In terms of regional trends, North America swayed stolen credentials as the most commonly leveraged technique, Europe and the Middle East saw 40% of breaches targeted web applications using a combination of hacking techniques, and Asia Pacific saw a higher rate of phishing attacks.

How to Protect Your Business Against Data Breaches

While there are differences in the methods used, what we can deduce is that financial gain is the key driver of organised crime, increasing year-on-year. Cybercriminals aim to exploit system vulnerabilities and human error and will continue to do so. However, there is a lot that businesses can do to protect themselves. The Verizon report talks about the ability to track common patterns within cyber-attack journeys as a security game-changer.

As our businesses become ever-more dependent on remote working and web-based applications, end-to-end security becomes a must. We need to not only protect our systems from attack but to educate our employees to build our cybersecurity posture and defend ourselves from breaches.

To access the full report click here.

You may also be interested in reading our Responding to Cyber Attacks Executive Summary.

see our

Related resources