May 3, 2013 - For the past six years, Verizon has been releasing a paper titled the Data Breach Investigation Report (DBIR). The report provides a wealth of information about how data breaches occur, who is behind them and what motivates the criminals behind many of the breaches. The results are somewhat eye opening.
According to the DBIR, nobody is immune to data breaches. Here are some of the report's findings:
- 86% of data breaches that involve hacking don't involve employees of the company or organization being hacked,
- 78% of hacking data breaches were unsophisticated; involving low, or very low skill levels,
- 62% of data breaches took months to discover. 4% of data breaches took years to discover,
- 22% of data breaches were not contained for months after their initial discovery,
- 37% of data breaches occurred in financial services organizations with ATMs being the most vulnerable point of attack,
- 24% of data breaches occurred in retail stores and restaurants.
While it is probably not surprising to anyone that 75% of intentional data breaches were financially motivated, you may be surprised to learn that 19% of intentional data breaches were as a result of espionage by foreign government agencies. 52% of the data breaches in this category involved hacking or malware.
With regard to unintentional data breaches caused by employees or contractors in organizations, 41% were caused by the use of unauthorized equipment such as unsecured smart phones or USB drives. Lost or stolen laptop and desktop computers were also significant contributors to data breaches in this category.
The report clearly shows that organizations that store significant amounts of personal data on their customers and employees need to do a better job of securing their data. You can find the entire report here. There is also a shorter, executive summary available.
byJim Malmberg
Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.
Follow me on Twitter:
|