5 Key Findings from Recent Data Breach Investigations Report

Verizon recently released its latest “Data Breach Investigations Report” (DBIR) that analyzed 23,896 security incidents, of which 5,212 were confirmed breaches*, in the timeframe from Nov 2020 to October 2021. The hefty report, which for a data-filled technical piece demands your attention with cheeky jargon, offers the latest insights into how threat actors are operating, who they’re targeting and the attack methods that are delivering results. It’s overarching conclusion: this was one insane year in cybersecurity. Strap on your swimmies and let’s dive into the key findings of the report as well as some plain English explanations:

No organization is safe without a plan to handle each of the four key paths that bad actors take to your information: credentials, phishing, exploiting vulnerabilities and botnets.
The ways in which you’re exposed to the internet are the ways in which you’re exposed to the bad guys. Web applications and email are the top two vectors for breaches, which makes sense when the top variety, or type of action taken to breach, was use of stolen credentials followed by phishing. Stolen credentials are the weapon of choice for criminals because they allow the bad actor to masquerade as a legitimate user, moving through the victim’s network with ease. If you can access your documents and files directly over the internet by simply entering the credentials, so can the criminals. Utilizing the proper multilayered security practices is the most important way to make sure criminals don’t get your password in the first place.