According to the results of Verizon’s annual Data Breach Digest, data breaches are becoming more complex, pervasive and damaging to enterprises. Cyberattacks are no longer just a problem for a company’s IT department, and the impacts are now spreading across every department within an organization.
“Data breaches are growing in complexity and sophistication,” Bryan Sartin, executive director of the RISK Team at Verizon Enterprise Solutions, said in a statement. “In working with victim organizations, we find that breaches touch every part of an organization up to and including its board of directors. Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences, such as a loss of customer confidence or a drop in stock price.”
Similar to the findings of last year’s investigation, Verizon revealed that hackers are continuing to rely on attack methods such as phishing and ransomware, both of which enable them to capitalize on the element of human error.
Humans play a significant role in data breaches, whether it’s as threat actors, targeted victims and incident response stakeholders.
Verizon’s Data Breach Digest highlights 16 common breach scenarios and provides a detailed analysis of how the attack occurred, as well as the level of sophistication, threat actors involved, tactics and techniques used, and recommended countermeasures, the company said.
The four different types of breaches noted are the human element, conduit devices, configuration exploitation and malicious software.
“The Data Breach Digest is designed to help businesses and government organizations understand how to identify signs of a data breach, important sources of evidence and ways to quickly investigate, contain and recover from a breach,” added Sartin.