Highlights of the July 19, 2023, HBK Risk Advisory Services webinar hosted by William J. Heaven, CPA/CITP, CISA, CSCP, Senior Director, HBK Risk Advisory Services.
The Verizon Data Breach Investigations Report (DBIR) is based on data reported to Verizon by global expert cybersecurity firms. The primary purpose of the DBIR is to inform organizations about the cybersecurity threats they face and how to protect against them. The DBIR is considered a “go-to resource” by many in the cybersecurity field. It is a global snapshot of what’s going on in terms of cybersecurity incidents and breaches in various industries.
Background
The 2023 Report, the 16th annual edition, was released in June.
Highlights about 20 vertical industries
67 contributing organizations
16,312 incidents: 1,800 targeted at the manufacturing industry (11%)
5,212 confirmed data breaches: 262 in the manufacturing industry (5%)
Categorized by the VERIS system: Vocabulary for Event Recording and Incident Sharing.
Started tracking in 2010
Tracks eight patterns in a wide range of industries: denial of service, lost and stolen assets, miscellaneous errors, privilege misuse, social engineering, system intrusion, web applications, and everything else. Some attacks can be identified by more than one category.
Phishing is the number one attack relative to lost and stolen assets, and it is becoming more prevalent.
Definitions:
Incident definition: a security event that compromises the integrity, confidentiality, or availability of an information asset
Breach definition: an incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party
These definitions matter in practice; for example, cybersecurity insurance applications rely on them.
For selected industries—financial, healthcare, manufacturing, information, and professional—the top three threats are social engineering, system intrusion, and web applications.
Why pay attention to DBIR?
The more you know about cyber threats you face, and what other companies in your industry are facing, the better your chances of keeping your data secure.
Helps you learn where to focus your attention.
The report is interesting as well as valuable.
Find the report via Google search or at Verizon.com/DBIR.
The full version is about 88 pages; the executive summary is less than 20 pages.
Insider reports on particular industries are also available.
Takeaways from the 2023 Report:
Ways attackers get to your information:
Credentials
Phishing
Exploiting vulnerabilities
Advice: Educate employees about phishing, and scan for and patch your vulnerabilities:
74% of all breaches include a human element (errors, privilege misuse, or social engineering).
Ransomware is still a big problem:
Increased by 13 percent in the 2022 Report, more than the previous five years combined.
Remains at the same level in the 2023 Report.
One in four cyber attacks involves ransomware.
Average cost to a company for a ransomware attack in 2022 was $4 million-plus.
Social engineering: incidence of pretexting rose
Half of all social engineering incidents used pretexting.
Business email compromises are common.
Errors continue as a trend:
Misdelivery (wrong recipient; 43% of breach errors)
Misconfiguration (21% of breach errors)
Publishing (showing to the wrong audience; 23% of breach errors)
Small and medium-size businesses
There used to be a large disconnect between occurrences in large versus smaller companies, but they are now moving closer together.
Patterns are virtually the same.
Large businesses tend to discover breaches sooner; they have more resources to identify they’re being breached.