Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
What it takes to convince leadership that migrating to the cloud is the right move.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Posts
By: Tim Foley
Table of content
Like a favorite movie that you’ve watched time and time again, Verizon’s 12th annual Data Breach Investigations Report (DBIR) retains the same charm of past iterations, yet still finds a way to keep us hooked. If this is your first time around and you’re not a diehard cinema cyber security fanatic like us, we have you covered with this synopsis. So, without further ado, welcome to the party, pal!
The 2019 Verizon Data Breach Investigation Report covers data collected from 41,686 security incidents, and 2013 data breaches from 73 sources covering 86 countries in 2018. Unsurprisingly, it contains some of the same characters as previous years, but luckily provides the following new information to keep things interesting:
Much like last year’s report, the largest percentage of breach victims came from small- and medium-sized businesses (SMB). Statistically, 43% of breaches involved small businesses (compared to 58% in 2017). These SMBs are often less prepared to combat these security attacks but deal with many of the same threats as their larger counterparts. In a major departure from last year’s report, healthcare breaches made up only 15% of breaches versus 24% in 2017.
Source: Verizon DBIR Executive Summary
What may be the most interesting data on this chart is that over 1 in 3 attacks involve internal actors. This means that out of all breaches that were recorded in 2018, 34% included someone within an organization that facilitated an attack in some way. Read about insider threat indicators to help protect your organization against these threats.
Verizon analysts also identified that 1 in 4 breaches are caused by accidentally publishing data to an unintended audience, misconfiguring servers, or incorrectly delivering sensitive information. These factors are all preventable. Internal system checks and other configuration scanning can immensely reduce the risk of accidental disclosure, and external system checks can reduce this even further. Do not discount the ability of even the best individuals to make mistakes. Measure twice, cut once.
In 2018, good, old-fashion hacking remained king of the hill in terms of vehicles used for data breaches. What really takes us into Hazzard County is that incidents using social engineering as the attack method have doubled since 2013. Though humans have always been the weakest link in the path to a breach, we are being exploited more than ever. Phishing, the act of utilizing a scam link in an apparently innocent email or other communication, is still the most utilized social engineering technique. However, pretexting, a method in which an attacker develops a dialogue with their victim to gain information, now represents close to 20% of social attacks, increasing the combined attacks to 97% of social breaches.
Source: Verizon DBIR Page 4
A new addition to the Data Breach Investigations Report is a breakdown of threats faced in 2019 by industry. This is highly relevant to any individual working in a cyber security or IT role as it allows one to focus on likely attack vectors and threats that are most commonly associated with certain industries.
When analyzing the table below, it is important to know the difference between a breach and an incident: an incident represents an event that breaks the rules or policy of the organization in which it occurred, while a breach must meet certain state and/or federal regulatory guidelines.
Source: Verizon DBIR Page 8
It’s 2019, and on one side or another, you are part of the statistics presented in the DBIR. Hitting 88 miles per hour in your DeLorean can’t turn back time after an incursion, but if you remain vigilant and keep your security top-of-mind, you can reduce the risk of an incident or breach, and manage the impact that it has on your business. Here are a few ways to stay on top of your security:
If this is your first time around with the Data Breach Investigations Report, you should be anything but alarmed or worried. If knowledge is power, the annual Verizon Data Breach Investigations Report has given us the tools and insights we need to become more resilient in both our personal and professional lives. The industries have shifted slightly over the last few years, but many of the attack vectors remain constant; social engineering, emails, insider threats, and ransomware are all still popular methods for cyber attackers, who will not shift their tactics until they are forced to do so.
At Dataprise Cyber, we provide our customers with the people, processes, and technology to detect and respond to even the most sophisticated attacks. We provide the visibility and telemetry necessary to ensure that their business remains safe, no matter the threat.
INSIGHTS
Subscribe to our blog to learn about the latest IT trends and technology best practices.