Data Breach Report

The Verizon 2015 Data Breach Investigations Report (DBIR) provides a detailed analysis of almost 80,000 incidents, including 2,100+ confirmed data breaches.

Protecting your organization from a data breach could save your business tens of millions of dollars, and help maintain customer loyalty and shareholder confidence. Data security isn’t something that should be left to the IT department. It’s so important that it should matter to leaders, and indeed employees, from all functions.

The motives for attacks are varied: attackers may be looking for payment card data or sensitive commercial information, or simply to disrupt your business. And the methods of attack are becoming increasingly sophisticated, often involving a combination of phishing, hacking, or malware.

Then there’s the staggering speed with which attackers can breach your defenses. It can take just seconds. But while attackers don’t take long to compromise a system, in many cases it takes an organization months or even years to discover that it’s a victim.

New opportunities have emerged.

Does the increased use of mobility and the Internet of Things (IoT) leave you more open to attacks on your data and systems? Verizon looked at the malicious activity across all wireless devices over a six-month period and found that the incidence for all types of malware was extremely low, and the bulk of it was resource-wasting, but low-impact, infections.

There have been few security incidents involving machine-to-machine (M2M) devices. But that doesn’t mean you should ignore this area when planning your defenses: make sure you have robust access controls and encrypt sensitive data.

Old techniques are still a threat.

Phishing remains popular with attackers. Campaigns have evolved to include the installation of malware. The Verizon data suggests that such attacks are becoming more effective, with 23% of recipients now opening phishing messages and 11% opening attachments. It gets worse. On average, it’s just 82 seconds before a phishing campaign gets its first click.

Across the 20,000 organizations Verizon looked at, there were 170 million malware events intercepted. And 70-90% of those were unique to a single organization. They’re not talking about malware that’s written to target a particular victim, although they’ve seen that too. They’re referring to hackers introducing simple modifications to the code each time they use it. This changes the identifying signature that traditional anti-virus products look for, enabling the malicious code to get through and compromise systems.

Old vulnerabilities remain open.

Verizon found that ten vulnerabilities accounted for almost 97% of the exploits in 2014. The remaining 3% consists of 7,000,000 other vulnerabilities. Most attacks exploited known vulnerabilities where a patch has been available for months, often years. Of the vulnerabilities detected in 2014, Verizon found more dating back to 2007 than from any year since.

Familiar patterns remain.

Last year Verizon identified nine incident patterns that cover most of the challenges you’re likely to face. This year, those patterns covered 96% of all incidents. And the news gets better. In your industry, the majority of threats are likely to be covered by just three of these patterns. By using Verizon’s nine incident classification patterns, you can effectively prioritize your efforts and build firm foundations for your defenses.

Adding up the costs.

Organizations are constantly asking Verizon to put a figure on the cost of a breach to help them demonstrate the value that they are delivering and justify their data security budgets. This year, for the first time, the 2015 DBIR estimates the costs you can expect to incur if you fail to protect your data.

Other models tend to oversimplify the cost of a breach. Verizon used actual cyber-liability insurance claims data to develop a more robust model that accounts for the uncertainty of costs as the number of records involved increases.

Using this model, Verizon estimates that the average loss for a breach of 1,000 records will be between $52,000 and $87,000, or $52 to $87 per record. In contrast, the average loss caused by a breach affecting 10 million records is estimated to be between $2.1 million and $5.2 million, or $0.21 to $0.52 per record.

What does this mean for me?

The costs of a breach can far outweigh the effort and resources required to keep your business secure. Verizon hopes that this model helps you when you’re trying to explain the financial implications of a data breach to your organization.

Learn more.

The Verizon 2015 Data Breach Investigations Report helps you understand the threats to your organization and improve your defenses against them. The DBIR Table of Contents includes:

Introduction
Victim Demographics
Breach Trends: “Looking Back Before Diving Ahead”
Before and Beyond the Breach
Indicators of Compromise: “Sharing Is Cyber-Caring”
Phishing: “Attn: Sir/Madam”
Vulnerabilities: “Do We Need Those Stinking Patches?”
Mobile: “I Got 99 Problems and Mobile Malware Isn’t Even 1% of Them”
Malware: “Volume, Velocity, and Variation”
Industry Profiles: “Raising the Stakes with Some Takes on NAICS”
Impact: “In the Beginning, There Was Record Count”
Incident Classification Patterns
Point-of-Sale Intrusions
Payment Card Skimmers
Crimeware
Web App Attacks
Denial-of-Service Attacks
Physical Theft/Loss
Insider Misuse
Miscellaneous Errors
Cyber-Espionage
Wrap-Up
Appendix A: Year in Review
Appendix B: Methodology
Appendix C: Contributing Organizations
Appendix D: The Internet of Things

You can download the full report at this web page.