Tuesday, April 23, 2013

Insights from the 2013 Verizon Data Breach Investigations Report

The annual Verizon Data Breach Investigations Report (DBIR) is arguably the most comprehensive, highly respected published research on the subject of corporate data breaches. From where I sit, it's certainly the most-quoted third-party source in cybersecurity white papers, books, and eBooks. I've personally quoted stats hundreds of times from these reports since their inception in 2008.

Verizon's latest report covers data breaches investigated during 2012 by the company's RISK Team and 18 other organizations from around the globe, including various law enforcement agencies (including the U.S. Secret Service) and national computer emergency response teams (CERTs).

The report compiles information from more than 47,000 security incidents and 621 confirmed data breaches resulting in over 44 million compromised records across 27 countries. But what's particularly notable is that this is the first time Verizon has incorporated information on breaches resulting from state-sponsored cyberespionage attacks. In fact, such attacks accounted for 19% of the data breaches covered in the report, with more than 95% of the associated cases originating from China.

The full Verizon report is 63 pages long. Here are a few of the most-notable highlights:
  • 37% of breaches affected financial institutions; 24% affected retail
  • 92% of breaches were perpetrated by outsiders
  • 19% of breaches were attributed to state-affiliated actors
  • 52% of breaches used some form of hacking
  • 40% of breaches incorporated malware
  • 29% of breaches leveraged social tactics
  • 78% of initial intrusions were rated as low difficulty
  • 69% of breaches were discovered by external parties
  • 66% of breaches took months or more to discover

My hat goes off to Verizon for publishing such a comprehensive report each year. To download your free copy of the 2013 Verizon DBIR, click here: http://www.verizonenterprise.com/DBIR/2013/.