The 2017 Data Breach Investigations Report by Verizon was just recently published and it contains a few interesting data points:
- 75% of the breaches were conducted by outsiders. So, the outsider threat is by far bigger than the insider. However, if you would assume breach, you kind of kill both attacks with one approach
- 51% involved organized criminal groups. So about half is really with a criminal intent.
- 81% involve stolen or breached passwords. I think it is really time to get over that and change the approach. I guess we need to leverage technology like biometry or Windows Hello (which is biometry again, I know) to get ahead of the game here. This could be the single biggest threat to the attackers.
- The victims are fairly even distributed amongst all the industry sectors. This is really surprising to me as having criminals behind the attacks, I would have expected to have the financial services sector more in the focus of attacks.
So, once again, a very interesting report – as always when it is published