Verizon recently published its 2019 Data Breach Investigations Report. This report is the 12th edition and contains an analysis of 41,686 security incidents with 2,013 confirmed breaches from 73 sources, including public and private entities. Included among its many findings, the report found high-level executives are twelve times more likely to be the target of social incidents, when an information asset is compromised, and nine times more likely to be the target of social breach, a confirm unauthorized disclosure of data, as compared to past years. It explained that senior executives, who typically face a great deal of time pressures and stress, are more likely to unknowingly click on sham emails, which could compromise their data security systems. Moreover, a successful attack on a senior executive can reap large rewards as a senior executive likely has access to critical systems and unchecked approval authority. Indeed, the report notes that financial gain is the primary motivator for all data breaches, representing 71% of breaches. As a close second, espionage accounts for 25% of all breaches.
The report also found an increasing number of cybersecurity attacks on cloud-based environments as many companies and organizations move their data to the cloud. That being said, ransomware attacks continue to be a significant threat, accounting for 24% of all malware incidents.
“Enterprises are increasingly using edge-based applications to deliver credible insights and experience. Supply chain data, video, and other critical – often personal – data will be assembled and analyzed at eye-blink speed, changing how applications utilize secure network capabilities” comments George Fischer, president of Verizon Global Enterprise. “Security must remain front and center when implementing these new applications and architectures.”
In addition to these types of cyberattacks, the report highlights that everyone is susceptible to cybersecurity incidents. In fact, small businesses account for nearly 43% of all cybersecurity victims.
As evidence by the report, the threat of a cybersecurity attack is not going anywhere. Although data security increasingly progresses, bad actors continue to evolve their tactics to obtain unlawfully sensitive data and information, resulting in significant damages to companies and individuals. The FBI found that the median direct loss for a business email compromise is about $8,000 and about $25,000 for a computer data breach.
The ease with which employees acquire, handle and transport massive amounts of sensitive personal information make it critical that businesses ensure their employees, regardless of department or level, have greater awareness of the sensitivity of this information and receive regular training on how to prevent, spot and respond to a cybersecurity attack. This should be a part of any written information security plan.