TRENDING
“
WE ARE
PRIVILEGED TO
INCLUDE DATA
FROM MORE
CONTRIBUTORS
THIS YEAR THAN
EVER BEFORE
AND HAD THE
PLEASURE OF
WELCOMING THE
FBI INTO OUR
FOLD FOR THE
VERY FIRST TIME.
24
INTELLIGENTCIO
“Technical IT hygiene and network security
are table stakes when it comes to reducing
risk. It all begins with understanding your
risk posture and the threat landscape so
you can develop and action a solid plan to
protect your business against the reality
of cybercrime. Knowledge is power and
Verizon’s DBIR offers organisations large
and small a comprehensive overview of the
cyberthreat landscape today so they can
quickly develop effective defence strategies.”
A successful pretexting attack on senior
executives can reap large dividends as a result
of their – often unchallenged – approval
authority, and privileged access into critical
systems. Typically, time-starved and under
pressure to deliver, senior executives quickly
review and click on emails prior to moving
onto the next (or have assistants managing
email on their behalf), making suspicious
emails more likely to get through. The
increasing success of social attacks such as
business email compromises (BECS – which
represent 370 incidents or 248 confirmed
breaches of those analysed), can be linked
to the unhealthy combination of a stressful
business environment combined with a lack of
focused education on the risks of cybercrime.
This year’s findings also highlight how the
growing trend to share and store information
within cost-effective cloud-based solutions
is exposing companies to additional security
risks. Analysis found that there was a
substantial shift towards compromise of
cloud-based email accounts via the use of
stolen credentials. In addition, publishing
errors in the cloud are increasing year-over-
year. Misconfiguration (‘Miscellaneous
Errors’) led to a number of massive, cloud-
based file storage breaches, exposing at
least 60 million records analysed in the DBIR
dataset. This accounts for 21% of breaches
caused by errors.
Bryan Sartin, Executive Director of
Security Professional Services at Verizon,
commented: “As businesses embrace new
digital ways of working, many are unaware
of the new security risks to which they
may be exposed. They really need access
www.intelligentcio.com