Aaron Jentzen | June 10, 2019
Verizon recently released the 2019 Data Breach Investigations Report (DBIR), its annual analysis of real-world security events impacting organizations around the globe. The report draws on data from 73 contributing organizations, including Proofpoint Security Awareness Training. It analyzes 41,686 security incidents, of which 2,013 were confirmed data breaches.*
As in previous years, the 2019 DBIR illustrates the prevalence of social engineering and phishing attacks, which underscores the need for a people-centric approach to cybersecurity. Phishing was the top threat action: It was involved in 32% of confirmed breaches, as well as 78% of cyber-espionage incidents.
It is also worth noting that 28% of breaches involved malware infections, and 29% involved the use of stolen credentials—both of which are frequently accomplished through phishing attacks.
After phishing, pretexting is the second most common social threat action. Pretexting includes some dialogue or back-and-forth, especially over the phone. Attackers often use pretexting to target employees in finance or human resources and may impersonate executives as part of a business email compromise (BEC) attack.
Although data breaches pose a risk for every type of organization, some industries are more susceptible to specific kinds of attack. Accordingly, the DBIR analyzes how threat actors, motives, tactics, and attack patterns impact different industries. The following highlights speak to the importance of mitigating end-user risk through security awareness training:
For more phishing statistics, get your copy of the 2019 State of the Phish Report.
With cybercriminals regularly targeting people rather than technical vulnerabilities, organizations should expand their view of cybersecurity and take a people-centric approach. The DBIR offers a number of recommendations for preventing breaches, several of which involve educating end users:
While these recommendations may seem obvious to many infosec professionals, that doesn’t mean they aren’t highly effective—or that organizations are effectively applying them. “There is an urgent need for businesses—large and small—to put the security of their business and protection of customer data first,” says Bryan Sartin, executive director of security professional services at Verizon. “Often even basic security practices and common sense deter cybercrime.”
* For reference, Verizon makes a clear distinction between a security incident and a security breach. An incident is “a security event that compromises the integrity, confidentiality or availability of an information asset.” A breach is “an incident that results in the confirmed disclosure—not just the potential exposure—of data to an unauthorized party.”
Posted by Aaron Jentzen on 06.10.19