2017 DBIR report summary

Posted: Jul 17, 2017

The 2017 Data Breach Investigations Report (DBIR) published by Verizon reveals exactly what is happening in the world of cyber security right now. This year’s report is based on analysis of over 40,000 incidents, including 1,935 confirmed data breaches.

The report reveals that a large number of organizations continue to rely on the same defense mechanisms every year, many of which are outdated and not aligned to the threats that exist today. Whilst it may be tempting for organizations to regurgitate the same old methods year after year, especially if they did not fall victim to any major incident, it is not a strategy that will position them well should a cybercriminal come knocking.

What’s worrying is that many organizations think they’ve got the basics of cyber security covered, yet 1 in 14 people still fall for phishing scams by being tricked into following a link or opening an attachment, and a quarter of those went on to be duped more than once. 95% of phishing attacks that led to a breach were followed by some form of software installation: where phishing successfully opened a door, malware ran in to capture and export data or take control of systems.

While attackers are adopting new tactics and tricks, their overarching strategies remain relatively unchanged, with 88% of breaches falling into the same 9 patterns that were identified in the 2014 edition of the DBIR. These are: Crimeware, Cyber-Espionage, Denial of Service, Insider and Privilege Misuse, Miscellaneous Errors, Physical Theft and Loss, Payment Card Skimmers, Web Application Attacks, and Point of Sale Intrusions.

The three most affected industries were financial organizations (24%), healthcare organizations (15%), and public sector organizations (12%). The report reminds us that it’s not just the big players and household brands that find themselves on the cybercriminal’s hit list: 61% of the data breach victims were businesses with under 1,000 employees.

With cyberattacks becoming more frequent and more advanced, it’s virtually impossible to prepare a system that is 100% secure. This is not helped by the fact that too many organizations are making it easy for cybercriminals. A massive 80% of hacking-related breaches were found to stem from stolen passwords and/or weak or easy-to-guess passwords. All too often, users, and even IT departments, are guilty of not changing the default passwords on their devices, and those defaults can easily be found online.

7 Quick Takeaways from the DBIR

Verizon believes many of the breaches identified in the report could have been avoided if basic security measures had been in place, and offers the following seven tips to address the simple mistakes that are seen time and time again:

  • Be vigilant – Log files and change management systems can give you early warning of a breach.
  • Make people your first line of defense – Train staff to spot the warning signs.
  • Only keep data on a “need to know” basis – Only staff who need access to systems to do their jobs should have it.
  • Patch promptly – This could guard against many attacks.
  • Encrypt sensitive data – Make your data next to useless if it is stolen.
  • Use two-factor authentication – This can limit the damage that can be done with lost or stolen credentials.
  • Don’t forget physical security – Not all data theft happens online.

List taken from the 2017 Data Breach Investigations Report, Executive Summary.