- Tom Cummins
53,308 Reasons to Read the 2018 Data Breach Investigations Report
Cyber + Co., No. 5
The cyber threat landscape continues to change. Verizon's annual data breach report, released yesterday, is an atlas of the current landscape.
Drawn from nearly 70 contributing organizations, the report analyzes more than 53,000 cyber incidents and 2,200 confirmed breaches in 65 countries.
Five key takeaways from the data are outlined in this post, followed by five proactive steps to improve your organization's cybersecurity.
Much more can be learned from the report itself, which is available here.
1. The rise of ransomware. Attackers don't have to steal your data to make money — they can simply stop you using it until you pay a ransom.
Cheap and easy to deploy, ransomware is also the most prevalent malware variety today, found in 39% of malware-related incidents.
2. Most attacks by outsiders. Nearly three-quarters of breaches involve outsiders, and half involve organized criminal groups.
3. Most attacks about money. 76% of the breaches are financially motivated, while 13% appear motivated by strategic advantage (espionage). And the point-of-sale network remains very high on the attackers' target list.
4. We have identified the weakness, and it is us. We are still falling victim to social attacks far too often, with phishing and pretexting representing 98% of social cyber incidents.
The good news is that most people don't take the bait. Phishing simulations show that in the median organization, 78% of people don't click a single phish all year.
Unfortunately, the bad news is that the attackers only need one person to let them in. And on average, 4% of people in a given phishing campaign will click it.
Compounding the bad news, almost no phishing campaigns are reported by the majority of people phished. And the average time from campaign launch to the first click is just 16 minutes.
5. Threat landscape. Attackers use a variety of moves to navigate around defenses and compromise data.
Breaches by pattern. A key step to mitigating risks is understanding the types threats you face. These patterns give you a quick and easy way to assess the current cyber threat landscape.
5 steps to improve your organization's security
Today's attackers are frequently sophisticated, organized, and determined. But proactive steps can and should be taken to reduce your organization's cybersecurity. Here are five:
1. Stay alert. Use log files and change management systems to give you early warning of compromise.
2. Patch promptly. Routinely apply security updates across your environment to help guard against common attacks.
3. Train regularly. Educate staff about how to spot warning signs, avoid social attacks, and improve your organization's cyber health.
4. Encrypt aggressively. Make your sensitive data unreadable if stolen.
5. Don't forget two-factor authentication. Limit the damage done by stolen credentials by requiring two-factor authentication for access to your network.
About the Images
The graphs are taken from Verizon's 2018 report, and the breaches by pattern graphic is taken from Verizon's interactive report portal.
About Cyber + Co.
Cyber + Co. is a periodic review of cybersecurity issues relevant to small businesses.
About the Author
Tom Cummins is the founder of Potomac Litigation. He has deep experience assisting clients in some of history’s largest data breaches, as well as a host of other cybersecurity incidents.