Verizon 2014 Data Breach Investigations Report Is Here

Verizon has released its latest Data Breach Investigations Report, and its 2014 edition is better than ever! Verizon studied 1,367 confirmed data breaches, and 63,437 security incidents in 95 countries. A breach is defined as an incident that results in the disclosure or potential exposure of data. An incident is a security event that compromises the integrity, confidentiality, or availability of an information asset.

The biggest difference between the 2014 Report, and those of prior years, is that the current report used the characteristics of incidents to develop incident classification patterns. Verizon found that 94% of the confirmed data breaches fell within 9 basic patterns. The same patterns could be used to describe 92% of the 100,000+ security incidents. Better yet, Verizon was able to identify the frequency with which each pattern appeared by industry! The 9 incident classification patterns are: POS Intrusions, Web App Attacks, Insider Misuse, Physical Theft/Loss, Miscellaneous Errors, Crimeware, Card Skimmers, DOS Attacks and Cyber -espionage.

For example, in the accommodation industry, 75% of the security incidents were point-of-sale intrusions, while only 1% percent fit the theft/loss pattern. Contrast this to healthcare, where 46% of security incidents fit the theft/loss pattern, and only 9% were point-of-sale intrusions.

The report provides in-depth analysis of each of the 9 incident classification patterns, with recommended controls to reduce risk for each pattern. This information allows you to develop the specific security strategy to minimize risk for your business, based upon your industry. You can find the full 2014 Verizon Report at, http://www.verizonenterprise.com/DBIR/2014/insider/?utm_source=earlyaccess&utm_medium=redirect&utm_campaign=DBIR, or contact me and I will be glad to send you a copy.

Leave a comment