Industry Reactions to Verizon 2020 DBIR: Feedback Friday (Security News, May 2020)
"We often think of ransomware as a breach, but the DBIR categorizes most ransomware activity as an incident because while you may have lost access to the data, the attacker hasn't actually stolen it. While that may give you some comfort, it doesn't mean that a ransomware incident is materially less impactful to the security folks who have to deal with it."
"In all cyberattacks, it is the attacker who defines the rules, and often opportunism is the best play in any numbers game. The 2020 DBIR confirms that most successful breaches employed opportunistic tactics ranging from social engineering and credential attacks through to opportunistic hacks and exploits of misconfigurations. This means that we could see a material reduction in breaches if basic principles such as securing S3 buckets, applying password security to databases, having a patch management strategy and applying reasonable malware protections were in place."
"Drilling down into Verizon's 2020 version of the DBIR tells us two things: One, the number of incidents and data breaches is snowballing year-on-year, confirming the trend that digital transformation will result in threat vectors compounding and growing in number. And two, hacking for financial gain has taken precedence over malware and other low-impact techniques as the primary motivator for malicious actors."
"The 2020 Verizon DBIR highlights who is targeting what industry and what they are doing. Attribution is interesting in the sense that it demonstrates who is behind a breach and what they do. The motives behind an attack tend to be consistent for each industry, as does the risk and data in those industries."
"The Verizon DBIR highlights the top actions for breaches, which continue to be credentials, misconfiguration and phishing. Credentials are still the favorite attack surface, and within the past three years, range fluctuates between 75%-81%. The reduction in malware is aligned with the previous year's trend and is a function of the risk balloon getting squeezed as alternative attacks reward balance out. Besides, if you think about January 2020 alone, and weigh in the key breaches reported during the first month of 2020, then you will realize the shift is insignificant."