Verizon’s 2022 Data Breach Investigations Report: A Must Read

I like Verizon’s annual Data Breach Investigations Report (DBIR). I’ve pored over its content material yearly since its inception in 2008. Simply goes to indicate how lengthy I’ve been engaged on information breaches. It’s all the time written in language that’s straightforward to grasp, not tremendous techy, and supplies an important abstract of the present dangers to companies.

The 2022 DBIR is not any completely different. Take your time digging into its 108 pages—none needs to be missed. Issued on Could 25, 2022, it’s complete, extraordinarily helpful, and high notch—as all the time.

The preamble is so true—that nothing is for certain. The report speaks of credible evaluation of information, together with slanted bar charts, spaghetti charts, dot plots or pictograms, although “all convey the uncertainty of our industry in their own way.”

Analyzing incidents from November 1, 2020 to October 31, 2021, the DBIR workforce acknowledges that all of us proceed to be shocked on the sheer creativeness of cybercrime, the continuously altering panorama of sophistication, and “if Sasquatch were elected Governor.” One of many issues I like in regards to the DBIR is the humor of the workforce.

In keeping with the report:

“The past year has been extraordinary in a number of ways, but it was certainly memorable with regard to the murky world of cybercrime. From very well publicized critical infrastructure attacks to massive supply chain breaches, the financially motivated criminals and nefarious nation-state actors have rarely, if ever, come out swinging the way they did over the last 12 months.”

True sufficient. The DBIR workforce reviews that there have been 4 threats that led the menace actors to firm techniques: credentials, phishing, exploiting vulnerabilities, and botnets. Ransomware continued its upward development, and provide chain security-related incidents brought about widespread penalties and concern about nation states’ entry to information.

I urge you to learn the report after which re-read it. It is likely one of the greatest indicators of the present state of cyber threats to organizations and might be very useful in your preparedness efforts.

Source link