Business Issues -> Security & Risk
Released: 23rd April 2014
Verizon security researchers, using advanced analytical techniques, have found that 92 percent of the 100,000 security incidents analyzed over the past ten years can be traced to nine basic attack patterns that vary from industry to industry. This finding, the highlight of Verizon’s "2014 Data Breach Investigations Report," will enable a more focused and effective approach to fighting cyberthreats.
"After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime – and the bad guys are winning," said Wade Baker, principal author of the Data Breach Investigations Report series. "But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically.
"Organizations need to realize no one is immune from a data breach. Compounding this issue is the fact that it is taking longer to identify compromises within an organization – often weeks or months, while penetrating an organization can take minutes or hours," Baker said.
The DBIR identifies the nine threat patterns as: miscellaneous errors such as sending an e-mail to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.
This year’s report found that on average, just three threat patterns cover 72 percent of the security incidents in any industry.
For example, in the financial services sector, 75 percent of the incidents come from Web application attacks, distributed denial of service (DDoS) and card skimming, while 54 percent of all manufacturing attacks are attributed to cyberespionage and DDoS. In the retail sector, the majority of attacks are tied to DDoS (33 percent) followed by point-of-sale intrusions (31 percent).
2014 Data Breach Investigations Report Offers New Insights into Cybercrime
Other key findings in the report include:
(NOTE: Additional resources supporting the "2014 Data Breach Investigations Report" are available, including high-resolution charts. B-roll available upon request.)
Now in its seventh year of publication, the 2014 data breach report analyzes more than 1,300 confirmed data breaches as well as more than 63,000 reported security incidents. For the first time, the DBIR includes security incidents that don’t result in breaches, in order to gain a better understanding of the cybersecurity landscape. Over the entire 10-year range of this study, the tally of data breaches now exceeds 5,900. Verizon is among 50 organizations from around the world that contributed data and analysis to this year’s report.
"This year’s report offers unparalleled perspective into the world of cybercrime, based on big data analysis," said Eddie Schwartz, vice president of global cybersecurity and consulting solutions at Verizon Enterprise Solutions. "The 2014 DBIR will advance how we approach cyberthreats as an industry and through our intelligence-gathering enable enterprise organizations to more strategically determine their best defense."
Download the Report
The 2014 report can be downloaded in full at:
Verizon Delivers Unparalleled Managed Security Services
Verizon is a leader in delivering global managed security solutions to enterprises in the financial services, retail, government, technology, healthcare, manufacturing, energy and transportations sectors. Verizon combines powerful intelligence and analytics with an expansive breadth of professional and managed services, including customizable advanced security operations and managed threat protection services, next-generation commercial technology monitoring and analytics, rapid incident response and forensics investigations and identity management. Verizon brings the strength and expert knowledge of more than 550 consultants across the globe to proactively reduce security threats and lower information risks to organizations.
For more information, visit us at http://www.verizonenterprise.com/solutions/security/.
For ongoing security insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog.
Published by: electronicdawn Ltd.