Data Breach Investigations Report 2020 – Key Takeaways for Business
Wireless communications company Verizon have recently published their Data Breach Investigations Report for 2020. A thorough analysis of cyber threats to businesses, the report provides key insights for businesses on the nature and personality of cyberattacks, both as a whole and within their industry, throughout the course of 2019.
Motive and Mode
On the surface of things, the most common motivation for attack was financial gain, which applied to 86% of incidents. Of all successful breaches, 58% of those victims had personal data compromised: be this customer data, and/or employee credentials and information.
For any business, this type of attack can be incredibly debilitating. Not only will the corporation breached be exposed in a negative light by the press, they are legally required to inform all persons whose information may have been compromised. If sensitive financial information has been used fraudulently by the criminal, under the UK’s Data Protection Act the company is thereby liable for any compensation of loss filed by the victim.
Whilst the majority of breaches (72%) involved large business victims, small businesses still made up 28%; typically, it is those smaller enterprises that face the most threatening repercussions to operation and cash flow.
Threat Action and Discovery
Of all incidents, an immense 90% came via Web Applications that exploited vulnerabilities in the network’s infrastructure. Within this, DoS (Denial of Service) hacks proved the most common threat action accounting for 60% of breaches. A DoS attack renders the company devices or network resource unavailable to users by disrupting the host services connected to the internet. This often results in system downtime, consequently costing the business and disrupting day-to-day operation.
Web Application attacks find their way into an organisation’s network typically through unpatched vulnerabilities in web application infrastructure and can be found easily by hackers with automated tools. It is best practice to ensure patches and software remain up to date, especially on mobile devices. Another mode of entry for these attacks are via the all too well-known phishing scam, which often compromises or steals employee credentials.
An alarming 20% of breaches took months or more to be detected within the organisation’s network, largely as a result of those companies failing to ensure their software remained up to date.
Within the Professional, Scientific and Technical Services fields, DoS attacks made up the large majority of all incidents, however report rates were low, implying that employees were not reporting whether or not they’d been exposed to a phishing scam – the same too can be said for Educational Services, causing a loss in critical response time. This is particularly harmful, as 75% of their data compromised consisted of personal information.
Two industries also with a high percentile of personal and sensitive data disclosed in breaches are the financial and insurance(F&I), and healthcare industries. Web Application breaches accounted for 80% of incidents in F&I, with a third of these reporting data compromised. Similarly, in healthcare 65% of incidents reported data disclosure, the nature of which included high proportions of both medical and personal information.
How can you develop your organisation’s cyber resilience strategy?
In light of the majority of attacks stemming from Web Applications, first and foremost it is vital for organisations to keep their software infrastructure up to date and patched – this includes application security on mobile devices used for work. Regular updates allow application and software providers to patch any potential vulnerabilities that hackers could exploit.
In this day and age, data and network sharing within businesses where employees work over multiple sites has become steadily more reliant upon cloud databases (the misconfiguration of which can also lead to problems). Now more than ever it is important for businesses to ensure that employees have a secure network in which to communicate and share information, particularly of a sensitive, confidential or intellectual disposition.
At Serbus, we have assisted government organisations and world class brands alike (also within the financial, pharmaceutical and insurance sectors), to enhance their device and network security when it comes to business communications and safe working across multiple locations, nationally or internationally.
Our Serbus Secure solutions are tailored to client needs and requirements, ascertained by both the client and a thorough review from our expert project management team.
To get in touch with us for a non-obligatory chat today, you can email us at [email protected], or call us on +44 (0) 1432 870879.