This year’s Verizon Data Breach Investigations Report is the first to review more than 10 years of security data. The result is a great overview of the threat landscape and the security incidents that plague certain industries.
Here are some charts and insights we pulled:
9 types of security incidents
More than 90% of the security incidents reviewed by Verizon over 10 years fell into nine types, or “incident patterns”:
- POS intrusions
- Web app attacks
- Insider misuse
- Physical theft/loss
- Miscellaneous errors
- Card skimmers
- DoS attacks
When looking at a specific industry, only two or three types of incidents drive more than 50% of the total:
As you can see, most industries grapple with specific types of incidents:
- Accommodation – 75% of incidents are attributed point-of-sale intrusions. No other type is above 10%.
- Healthcare – 46% of incidents are attributed to physical theft or loss. This is more than twice the percentage of any other type.
- Public – More than 50% of all incidents are attributed to internal misuse or miscellaneous errors. Another 19% are attributed to loss or theft. The public sector also had 40-times more security incidents in 2013 than any other industry.
“The public sector’s astronomical count is primarily a result of U.S. agency reporting requirements, which supply a few of our contributors with a vast amount of minor incidents,” according to the report.
External threats reign supreme
The report puts another nail into the coffin of the popular myth that internal threats are greater than external threats.
That may have been true for a brief period in 2007, but those days are long gone:
External threats account for roughly 90% of all breaches reviewed by Verizon in the last 10 years. I think they myth is dead. Also, note that “breaches” are different from “incidents”. Here are Verizon’s basic classifications for security events:
- Incident – A security event that compromises the integrity, confidentiality, or availability of an information asset.
- Breach – An incident that results in the disclosure or potential exposure of data.
- Data disclosure – A breach with a confirmed disclosure of data to an unauthorized party.
Hackers are the greatest threat
If you ever need a quick example of “exponential growth,” look no further than the line labeled “hackers” below:
The number of breaches attributed to hackers is rising alarmingly fast. Growth in malware breaches appears slower, but the number has hasn’t fallen in the last seven years. Breaches tied to social engineering – such as email phishing – are also rising.
Hackers want your money
Most cybercriminals are in it for the money. However, a growing number want to steal information for the motherland, and a few do it for laughs.
It may seem that hackers are beginning to be motivated less by money and more by espionage. However, the report’s authors note that the change likely has more to do with new contributors to the report who specialize in espionage research.
The report is fantastic. We recommend browsing through it if you have a moment: 2014 Verizon Data Breach Investigations Report