Categories


Authors

Verizon's 2020 Data Breach Investigations Report (DBIR)

Verizon's 2020 Data Breach Investigations Report (DBIR)

Reports released annually by cybersecurity companies are rich resources for cybersecurity professionals, academics, journalists and really anyone who is interested in cybersecurity. Among the dozens that are released each year, arguably the most famous of these is the Verizon Data Breach Investigations Report, also known as the DBIR. This week, Between The Hacks eagerly reviewed the newly released 2020 Verizon Data Breach Investigations Report. At 119-pages, this is the 13th edition of the DBIR and it is the most extensive with more than 32,000 incidents, 3,950 of which were confirmed breaches. If you’re strapped for time, or if you’re more of a TL;DR person and the thought of 119 pages of security stats turns your eyelids into weighted blankets, fear not, there is also a 19-page DBIR Executive Summary available for download. However, if you plan to take the marathon route and read it all, you might find the DBIR Cheat Sheet helpful on pages 4 and 5 of the main DBIR report.

The 2020 DBIR is made up of seven sections.

  1. Introduction & Summary of Findings

  2. Results and Analysis

  3. Industry Analysis

  4. Small and Medium-sized Businesses (SMB) Breaches

  5. Regional Analysis

  6. Wrap-Up

  7. Appendices

The report is rich in statistics and graphs which are great for adding to your next webinar presentation.

Image from Verizon’s 2020 DBIR

Attack Method Ranking Year-To-Year: Image from Verizon’s 2020 DBIR

While I am not going to write a full review here, I will share some of the key takeaways.

Key Takeaways

Graph from Verizon’s 2020 DBIR Executive Summary

Graph from Verizon’s 2020 DBIR Executive Summary

  • 96 percent of breaches involved IT and only 4 percent involved OT

  • 86 percent of data breaches were financially motivated, vs. 71 percent in 2019

  • While the insider threat is typically blamed for most breaches, the report shows that 70 percent of breaches were caused by external threat actors.

  • Cloud-based web application attacks doubled this year to 43 percent of data breaches.

  • 67 percent of breaches caused by credential theft (phishing and business email compromise), errors and social attacks.

    • 37 percent of credential theft breaches used stolen or weak credentials.

    • 25 percent involved phishing.

    • Human error accounted for 22 percent as well.

  • 58 percent of breaches involved personal data, almost twice as much as last year.

  • Ransomware made up 27 percent of malware incidents.

  • Patching is working! Less than 5 percent of breaches exploited vulnerabilities.

Key Industry Statistics

In addition to the overall statistics, the 2020 DBIR includes analysis of 16 industries. Here are a few highlights.

  • Manufacturing:  External actors using malware to obtain proprietary data for financial gain account for 29 percent of Manufacturing breaches.

  • Retail: 99 percent of incidents were financially-motivated. Interestingly, web applications rather than Point of Sale (POS) devices are now the main cause of Retail breaches.

  • Financial and Insurance: 30 percent of breaches were caused by attackers using stolen credentials in web application attacks.

  • Educational Services: Ransomware made up 80 percent of malware attacks, up from 45 percent the year before.

  • Healthcare: External breaches made up 51 percent (up from 42 percent in the 2019 DBIR), insider threat breaches were at 48 percent (59 percent last year) which means the healthcare industry had the highest number of internal threat actors.

  • Public Sector: Ransomware accounted for 61 percent of malware-based incidents.

Other Annual Cybersecurity Reports

While popular, the oft-quoted DBIR is not the only cybersecurity report in town. Many other companies release an annual cybersecurity report based on their research as well. Below are a few for your reference. Happy researching!

2020 IBM X-Force Threat Intelligence Index *

2020 Malwarebytes - State of Malware Report

2020 Webroot Threat Report

2020 Crowdstrike Global Threat Report *

2020 Checkpoint Cyber Security Report *

2020 Cisco Cybersecurity Report Series Small and Medium-Sized Business

2020 Cisco CISO Benchmark Report *

2020 Sonicwall Cyber Threat Report *

2019 FBI Internet Crime Report

2020 FireEye THE ROAD AHEAD: CYBER SECURITY IN 2020 AND BEYOND

2020 Accenture The State of Cyber Resilience

2020 Sophos Threat Report

2020 VMWare Carbon Black Cybersecurity Outlook Report *

2020 Veracode State of Software Security Report [Added May 30, 2020]

2020 The State of Mobile Phishing [Added June 6, 2020]

* Free to download if you share contact information

BTH News 22May2020

BTH News 22May2020

BTH News 15May2020

BTH News 15May2020