Given the deluge of headlines, warnings, and general panic in cybersecurity, it can be easy to forget that we are not yet halfway through 2018. Perhaps it’s no wonder: according to Verizon’s 2018 Data Breach Investigations Report, this year has already seen 53,000 cybersecurity incidents and 2,216 confirmed data breaches.
Here are some of the key findings from Verizon’s 2018 Data Breach Investigations Report:
- 62% of external data breaches by actors stem from organized crime organizations.
- 25.9% of internal data breaches are caused by system admins. This position constitutes the most common insider threat.
- End-users constituted the second most common insider threat at 22.3%.
- 76% of data breaches have financial motivations.
- 68% of data breaches dwelt on corporate networks for one month or longer before being detected.
- 58% of data breaches attacked small businesses, which makes them the most commonly attacked segment.
- 47% of manufacturing data breaches were motivated by espionage or by the theft of intellectual property.
- 19.6% of data breaches targeted databases, making them the top targeted enterprise asset.
93% of social attack-based data breaches involved phishing, with email being the most common social attack vector at 96%. According to Verizon’s 2018 Data Breach Investigations Report, 59% of phishing attacks are motivated by financial gain.
The top targeted industries for data breaches are healthcare, accommodation, public administration, retail, and finance. The real takeaway from this report is a common refrain in cybersecurity but one that bears repeating: no one is safe in the digital world. This is a message that plenty of enterprises hear yet don’t seem to absorb. CEOs and board members will insist that they are too small, too remote, too far-flung of an industry to be hacked. But given the prevalence of small business data breaches and the mercenary motivations behind so many hacks and attacks, these self-assurances ring false.
Verizon’s 2018 Data Breach Investigations Report proves that even though small businesses may not receive the attention that bigger hacks get, devastating data breaches can hit them just as hard…if not harder.
Latest posts by Ben Canner (see all)
- Endpoint Security Automation with Liviu Arsene of Bitdefender - November 14, 2018
- Key Findings: Secureworks State of Cybercrime Report 2018 - November 14, 2018
- What is Grayware and How Can You Defend Against It? - November 13, 2018