Important Trends From the 2017 Verizon Breach Report

Verizon Blog Image2

The 2017 Verizon Data Breach Investigations Report (DBIR) marks the 10th year this prestigious report has been published and as in year’s past, IT professionals and business leaders from every industry will pore over the findings to extract the statistics and trends most relevant to their security needs.

This Verizon report has been a valuable tool for helping organizations create more effective security strategies by showing them where their vulnerabilities may lie and making them more aware of prevailing threats and attack trends.

Here are a few valuable nuggets from this year’s DBIR:

Adversaries are not just after the big fish: The report found that 61 percent of breach victims are businesses with under 1,000 employees. You may think that as a small or medium-sized business (SMB) you’re less likely to be targeted than a larger, higher-profile organization, but ineffective or legacy security could mark you as low-hanging fruit. SMBs need to recognize their potential vulnerability and focus on implementing next-generation technology and solid security policies. Look for next-gen endpoint protection delivered via cloud native architecture. It can be deployed within minutes, giving you comprehensive protection without burdening your IT staff.

Phishing scams are still a huge problem:  Despite news of many high-profile breaches that started with a phishing email, countless security blogs warning of this exploit, and efforts  to increase awareness through employee training, tried and true phishing scams continue to thrive.  According to the DBIR, 95 percent of phishing attacks that resulted in a breach were followed by a software installation. This means that an employee fell for a phishing email, clicked on a link, or merely opened the email and malware was deposited. What are the lessons? First, better detection tools exist now, but organizations aren’t using them, and second, these advances still haven’t eliminated the need for employee vigilance. Deploying an advanced endpoint detection and response (EDR) solution can protect your organization against the malicious payloads delivered via phishing emails —  a level of protection above and beyond email security solutions.

Ransomware is bigger than ever: Ransomware moved from its position as 22nd most common malware to No. 5 – quite a jump. It hit some industries particularly hard, notably healthcare, where 72 percent of malware incidents were ransomware attacks. Innovations by attackers, such as enabling organizations to pay anonymously via Bitcoin, contributed to this increase, as well as the fact that many organizations chose to pay the ransom rather than risk losing their data forever. Again, next-gen antivirus technology that can defend against ransomware exists now. Organizations need to update their strategy to include the most cutting-edge security tools or they will continue to pay.

Not all attacks are smash-and-grab operations: Cyber espionage continues to be a huge threat for the manufacturing, public administration and education sectors. Stealing intellectual property and spying on competitors is still an important motivator for malicious activity. The report also shows that manufacturing and public administration organizations are the primary recipients of these attacks, with universities mentioned as prime targets because of the treasure troves of valuable research data they retain. Perhaps the most shocking cyber espionage statistic revealed in the report is that in 60 percent of cases involving public administration entities, it took years (yes, years) for the victim organizations to discover they had been breached.

Not surprisingly, the report concludes that “cybercriminals aren’t satisfied with the status quo,” which prompts the question, “Are we willing to evolve at the same pace as that of our adversaries?”  The tools and intelligence to get ahead of the attacker are readily available, we simply have to choose to adopt them. The report shows that whether organizations are relying on the same standard security measures that failed in the past, or simply neglecting to change passwords or patch systems, many of the breaches occurring every day are avoidable. The 2017 Verizon DBR has many such lessons to offer.

Take a deep dive into the Verizon DBIR with Verizon and CrowdStrike

The findings highlighted here only scratch the surface of this report. To receive more valuable insights into the DBIR findings join Verizon Senior Analyst Suzanne Widup and CrowdStrike VP of Product Management Rod Murchison for an exclusive webcast: “The Modern Attack Landscape: Verizon’s Analysis of their 2017 Data Breach Investigations Report (DBIR).”   The presenters will delve more deeply into the trends revealed in the report and the types of attacks and adversaries targeting you. You’ll also receive expert guidance on strategies to improve your organization’s security posture and keep it from becoming a statistic in the next Verizon DBIR.

 

Stop Breaches with CrowdStrike Falcon request a live demo