As we all know, Verizon's DBIR is the most highly anticipated cyber security report of the year. This year is Verizon's tenth annual release of the report and yet again it's an unparalleled source of information on cybersecurity threats. The report itself has been constructed from more than 40,000 security incidents and just under 2,000 confirmed breaches.

Over the last 12 months our Forensic Investigators continue to witness vulnerabilities that have been echoed within the DBIR itself:

  1. Cyber criminals continue to target the smaller companies. 61% of the data breach victims in this year's report are organisations with fewer than 1,000 employees.
  2. 80% of hacking-related breaches involved the use of either stolen and/or weak passwords. Social engineering is becoming a major factor as a way for cyber criminals to gain their way into an organisation (we have witnessed this on a few of our own cases), and far too many times, too many organisations (including their third party providers) are making it easier for attackers to gather this type of information.
  3. Far too many organisations rely on out-of-date defences (not to mention how much they rely on out of date software alone). It is important to know which threats an organisation like yours my be exposed to so the necessary steps to prevent them can be addressed.
  4. People are still falling for the good ole fashioned phishing scams. The DBIR mentions how 1 in 14 users were tricked into clicking a malicious link or opening an attachment. 25% of those people went on to be deceived more than once.
  5. Ransomware attacks are growing. 51% of data breaches that were analysed in the DBIR involved malware. In the DBIR produced in 2014, ransomeware was the 22nd most common form of malware and within this years DBIR, ransomeware has moved its way up the ladder to a staggering 5th place.

For more information on this years Data Breach Investigation Report download yourself a copy from Verizon and have a read!!