Each year, security experts like TeamLogic IT and others relish in previewing results from Verizon’s highly anticipated Data Breach Investigations Report (VDBIR). One reason is that the in-depth research reveals existing cybersecurity gaps, where such holes occur, who’s sneaking in and why. Another is that it objectively documents where companies, especially those with IT budget constraints, need to focus future security efforts. This year’s report includes statistics gathered from 157,525 security incidents from 81 countries, including 4,000 confirmed data breaches. Use these high-level takeaways in security planning sessions with your IT Managed Services Provider (IT MSP) or other trusted IT pro.
: 45% of breaches involved hacking, while 22% included social engineering and 17% relied on malware. Another 22% came from errors made by users and system admins.
: 72% of breaches came from large businesses, while small firms accounted for 28%. Healthcare, finance, manufacturing, information services and public entities experienced the most breaches, and nearly 60% of all incidents resulted in compromised personal data.
Verizon attributed nearly three-quarters of breaches (70%) to external actors, including organized crime, which accounted for 55% of compromises. Why do crooks do it? Mostly for financial gain, the reason cited for 86% of breaches in the 2020 VDBIR.
Ask your IT MSP about the practicality of implementing the following security measures: a strong least-privilege strategy; multifactor authentication; a regular cloud-service assessment (24% of breaches were tied to cloud services; 70% on premise and 77% with stolen or compromised credentials).