Things to Consider from Verizon’s 2018 Data Breach Investigations Report
Last week, I secured a copy of the 68-page full 2018 Data Breach Investigations Report (DBIR) prepared by Verizon Enterprise Solutions, which includes actual data breaches and incidents, who is behind these attacks and what industry is most affected etc. Rather than read all 68 pages, I will provide an overview of some key points from the report and if you’re compelled to dig deeper, see the full report here.
So far this year, there have already been over 53,000 incidents and 2,216 confirmed data breaches. What industry to you think accounted for the highest breaches? If you thought of the healthcare industry, then you got that right. It’s noteworthy to let our readers know that 58 percent of these breaches were small businesses, which is more likely due to the limited resources they have compared to medium and large enterprise organizations. (Note: To keep things concise, we’ve limited this list to industries with at least 100 breaches investigated.)
Below are some of the key highlights of the report:
The top five industries suffering the most breaches are:
- Accommodation and food services
The top five action varieties in breaches are:
- Use of stolen credentials (hacking)
- RAM scraper (malware)
- Phishing (social)
- Privilege (misuse)
- Misdelivery (error)
The top five external actor varieties in breaches are:
- Organized crime
- Unaffiliated state
- State affiliated
- Nation state
- Former employees
Other notable statistics:
- Most frequent malware vectors are from email (92.40 percent).
- Most common physical lost are at the victim’s workplaces and in employee-owned vehicles.
Going into the year’s midpoint, perhaps now is the time to consider some of these best practices in mitigating some of the threats and protect both your personal as well as customer data:
3-2-1 backup rule: Have at least three secured copies both locally, externally and remotely (cloud).
- Update software: Improve performance and ensure that software runs efficiently and has the latest patches for security.
- Protect your network: Make sure you hide your SSID (service set identifier) and have in place current anti-virus software, physical firewall (or virtual firewall), such as our active network threat protection. Be sure to have complicated passwords, since hackers can access and compromise your company network with one bad password.
- Be mindful of your email before you click on links from unknown senders.
- Use a remote virtual private network (VPN) when on public Wi-Fi.
- Don’t leave your laptop or devices in the car. Instead, take it with you.
Questions? Our team of experts are always here to help and find the right solutions for your business needs. For best practices and values, or to learn more about cybersecurity suite, call us at 1-888-601-0401 or email us at [email protected].