The 2019 Verizon Data Breach Incident Report (DBIR) has finally arrived. I haven't been this excited about 2019 since New Years Eve! In this blog, I will parse some of the more interesting conclusions from this year’s DBIR and talk about how this report provides guidance to its readers. You can think of this as a how-to for avoiding a similar fate as those who are detailed in the report – you don’t want to risk becoming a part of the DBIR statistics next year!
This year’s report disclosed 41,686 security incidents that were reported for 2018 – 2,013 of those were confirmed data breaches. That equates to 5.51 breaches per day!
71% of the breaches were for financial gain
52% involved hacking
33% included social engineering attacks (a significant increase from last year’s 17%)
56% of breaches took months to discover
What can we do? One thing that stood out in the report was that managing your own servers looks like a losing game. The Verizon DBIR uncovered that a sizable amount of data was taken from on-premises servers. Using SaaS with a cloud access security broker (CASB) seems to be a much safer approach than trying to maintain all of your own infrastructure.
In addition to the above, this year’s Verizon DBIR didn’t seem to include any information on data exfiltrated from SaaS applications. In other words, buying servers and managing your own infrastructure seems to be an outdated, unsecure strategy – using a CASB for the SaaS applications that handle customer data, employee data, and proprietary data is the ideal in today’s cloud-first world. CASBs are equipped with encryption, DLP, malware protection, and much more. With this list of tools, you are able to properly secure your data around the clock and wherever it goes.
If you’re interested in additional information on recent breaches beyond Verizon’s DBIR, Bitglass has just published its own “Kings of the Monster Breaches” report which goes into depth about the biggest cyberattacks in the last few years. Our research includes the effects that these major breaches have had on public corporations, such as massive fines, stock price effects, and more. Kings of Monster Breaches also contains a section on private and government organizations and the impact that breaches have had on them.
Together, these two reports prove that protecting your organization’s data is vital and can no longer be overlooked. So, be sure to evaluate your security solutions and fix any potential vulnerabilities before you fall victim to a breach.
To learn more, download Bitglass' Kings of the Monster Breaches.