4 Security Insights via 2014 Verizon Data Breach Investigations Report

This year’s Verizon Data Breach Investigations Report is the first to review more than 10 years of security data. The result is a great overview of the threat landscape and the security incidents that plague certain industries.

Here are some charts and insights we pulled:

9 types of security incidents

More than 90% of the security incidents reviewed by Verizon over 10 years fell into nine types, or “incident patterns":

  • POS intrusions
  • Web app attacks
  • Insider misuse
  • Physical theft/loss
  • Miscellaneous errors
  • Crimeware
  • Card skimmers
  • DoS attacks
  • Cyber-espionage

When looking at a specific industry, only two or three types of incidents drive more than 50% of the total:

4 - chart - breach category by industry

As you can see, most industries grapple with specific types of incidents:

  • Accommodation - 75% of incidents are attributed point-of-sale intrusions. No other type is above 10%.
  • Healthcare - 46% of incidents are attributed to physical theft or loss. This is more than twice the percentage of any other type.
  • Public – More than 50% of all incidents are attributed to internal misuse or miscellaneous errors. Another 19% are attributed to loss or theft. The public sector also had 40-times more security incidents in 2013 than any other industry.

“The public sector's astronomical count is primarily a result of U.S. agency reporting requirements, which supply a few of our contributors with a vast amount of minor incidents,” according to the report.

External threats reign supreme

The report puts another nail into the coffin of the popular myth that internal threats are greater than external threats.

That may have been true for a brief period in 2007, but those days are long gone:

1 - chart - breach categories over time

External threats account for roughly 90% of all breaches reviewed by Verizon in the last 10 years. I think they myth is dead. Also, note that “breaches” are different from “incidents”. Here are Verizon’s basic classifications for security events:

  • Incident - A security event that compromises the integrity, confidentiality, or availability of an information asset.
  • Breach – An incident that results in the disclosure or potential exposure of data.
  • Data disclosure – A breach with a confirmed disclosure of data to an unauthorized party.

Hackers are the greatest threat

If you ever need a quick example of “exponential growth,” look no further than the line labeled “hackers” below:

2 - chart - threat action category over time

The number of breaches attributed to hackers is rising alarmingly fast. Growth in malware breaches appears slower, but the number has hasn’t fallen in the last seven years. Breaches tied to social engineering – such as email phishing – are also rising.

Hackers want your money

Most cybercriminals are in it for the money. However, a growing number want to steal information for the motherland, and a few do it for laughs.

3 - chart - threat actor motive over time

It may seem that hackers are beginning to be motivated less by money and more by espionage. However, the report's authors note that the change likely has more to do with new contributors to the report who specialize in espionage research.

The report is fantastic. We recommend browsing through it if you have a moment: 2014 Verizon Data Breach Investigations Report


Related resources

Calyptix 2013 research report summary

Top Threats: Massive denial-of-service attacks

Written by Calyptix

 - May 20, 2014

About Us

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology. Our customers do not waste time with security products designed for large enterprises. Instead, we make it easy for SMBs to protect and manage networks of up to 350 users.
call us
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram