TRENDING
to cyberdetection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyberthreats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses and impacts the bottom line.”

Major findings in summary

The DBIR continues to deliver comprehensive data-driven analysis of the cyberthreat landscape. Major findings of the 2019 report include:

• New analysis from FBI Internet Crime Complaint Center (IC3): Provides insightful analysis of the impact of Business Email Compromises (BECs) and Computer Data Breaches (CDBs). The findings highlight how BECs can be remedied. When the IC3 Recovery Asset Team acts upon BECs and works with the destination bank, half of all US-based business email compromises had 99% of the money recovered or frozen; and only 9% had nothing recovered
• Attacks on Human Resource personnel have decreased from last year: Findings saw six times fewer Human Resource personnel being impacted this year compared to last, correlating with W-2 tax form scams almost disappearing from the DBIR dataset
• Chip and Pin payment technology has started delivering security dividends: The number of physical terminal compromises in payment card-related breaches is decreasing compared to web application compromises
• Ransomware attacks are still going strong: They account for nearly 24% of incidents where malware was used. Ransomware has become so commonplace that it is less frequently mentioned in the specialised media unless there is a high-profile target
• Media-hyped cryptomining attacks were hardly existent: These types of attacks were not listed in the top 10 malware varieties and only accounted for roughly 2% of incidents
• Outsider threats remain dominant: External threat actors are still the primary force behind attacks (69% of breaches) with insiders accounting for 34%

“Every year we analyse data and alert companies as to the latest cybercriminal trends in order for them to refocus their security strategies and proactively protect their businesses from cyberthreats. However, even though we see specific targets and attack locations change, ultimately the tactics used by the criminals remain the same. There is an urgent need for businesses – large and small – to put the security of their business and protection of customer data first. Often even basic security practices and common sense deter cybercrime,” said Sartin.

Bryan Sartin, Executive Director of Security Professional Services at Verizon

Putting business sectors under the microscope

Once again, this year’s report highlights the biggest threats faced by individual industries and also offers guidance on what companies can do to mitigate against these risks. Industry findings of note include:

• Educational Services: There was a noticeable shift towards financially-motivated crime (80%). A total of 35% of all breaches were due to human error and approximately a quarter of breaches arose from web application attacks, most of which were attributable to the use of stolen credentials used to access cloud-based email
• Healthcare: This business sector continues to be the only industry to show a greater number of insider compared to external attacks (60 versus 42% respectively). Unsurprisingly, medical data is 18 times more likely to be compromised in this industry and when an internal actor is involved, it is 14 times more likely to be a medical professional such as a doctor or nurse
• Manufacturing: For the second year in a row, financially-motivated attacks outnumber cyberespionage as the main reason for breaches in manufacturing and this year by a more significant percentage (68%)
• Public Sector: Cyberespionage rose this year – however, nearly 47% of breaches were only discovered years after the initial attack
• Retail: Since 2015, Point of Sale (PoS) breaches have decreased by a factor of 10, while Web Application breaches are now 13 times more likely

More data from highest number of contributors ever means deeper insights

“We are privileged to include data from more contributors this year than ever before and had the pleasure of welcoming the FBI into our fold for the very first time,” said Sartin.

“We are able to provide the valuable insights from our DBIR research as a result of the participation of our renowned contributors. We would like to thank them all for their continued support and welcome other organisations from around the world to join us in our forthcoming editions.”

This is the 12th edition of the DBIR and boasts the highest number of global contributors so far – 73 contributors since its launch in 2008. It contains analysis of 41,686 security incidents, which includes 2,013 confirmed breaches. With this increase of contributors, Verizon saw a substantial increase of data to be analysed, totalling approximately 1.5 billion data points of non-incident data.

This year’s report also debuts new metrics and reasoning which helps identify which services are seen as the most lucrative for attackers to both scan for and attack at scale. This analysis is based on honeypot and Internet scan data.
www.intelligentcio.com