Verizon may be recognizable as a mobile communications provider in the United States, but they're also a top-tier managed security services provider and the publishers of the Verizon Data Breach Investigations Report (DBIR). The DBIR is possibly the most comprehensive data-driven look at security breaches within the cyber security industry.
Now in it's 11th issue, the DBIR is a contemporary look at cyber threats faced by organizations today. So what does it have to say, and what can we learn?
Key Facts & Figures
- 58% of victims are categorized as small businesses
- 50% of breaches were carried out by organized criminal groups
- 30% of breaches included malware
- 68% of breaches took months or longer to discover
As we can see, the majority of breaches affect small businesses. We might think that larger organizations are the primary target, but that's not the case. Perhaps this is due to smaller organizations being easier targets and not having the same level of defenses that larger companies may have. It's also a common misconception that small businesses don't have anything worth going after for hackers. Clearly this isn't true; sometimes hackers just want your computer to help them in their grand plan!
Another observation from the data is that half of breaches are carried out by organized criminal groups. These aren't opportunistic attackers, but well structured, often very well funded and very capable adversaries. Today's cyber criminal gangs resemble a modern company--with different departments and specialties, and even outsourcing non-core work to other service providers in the illegitimate ecosystem.
For many of us, security begins and ends with Anti-Virus. But as the DBIR points out, only 30% of breaches are due to malware. Hackers are increasingly relying on other techniques to get what they want. It's often much easier to use legitimate software and tools, in illegitimate ways, than to use viruses and other malware. So, clearly we should be looking beyond Anti-Virus!
Our last statistic, that 68% of breaches took months or longer to discover might sound alarming, and with good cause. Attackers often spend mere minutes or hours gaining access, finding the data they want, and exfiltrating it from your business. And yet, we might not find them for months. This is all too common, that by the time we detect something has happened, the attackers are long-gone with your data.
- Log in to post comments