BARR’s Analysis of the 2023 Verizon Data Breach Investigations Report

The 2023 Verizon Data Breach Investigations Report (DBIR)—an annual report examining dominant trends in data breaches and cyberattacks throughout the world—is now out for review. Verizon began releasing this report 16 years ago in 2008, and its tenure has served as one of the most influential and highly-regarded reports in the cybersecurity industry. 

Verizon examined over 16,000 incidents and 5,200 data breaches in order to draw key conclusions on how we can learn from today’s most threatening cybercrimes. The near 90-page report not only highlights their summary of findings, but provides data-based evidence that organizations can use to advocate for security and compliance solutions.  

Let’s take a look at a few takeaways from this year’s report: 

Key Trends:

• Stolen credentials, phishing, and exploitation of vulnerabilities are the top attack methods for gaining access to organizational systems.
• The number of social engineering attacks has increased, with compromised business emails and  ransomware leading the charge.
• Banks and exchanges have become prime targets for cyber criminals with four times the increase in cryptocurrency-based attacks compared to previous years. 
• The Log4j vulnerability, while initially concerning, was less prominent in breaches than anticipated but still requires attention. 
• Organizations of all sizes and industries remain vulnerable to ransomware.

Notable Statistics:

• Business email compromised attacks have almost doubled and represent more than 50% of incidents in the social engineering pattern.
• 74% of all breaches involve human error.
• 83% of breaches involve external actors.
• Financial motive is the reason for 95% of breaches. 
• 24% of reported breaches involve ransomware, which remains a significant threat.
• More than 32% of all Log4j scanning activities occurred within just 30 days of its release. 

While some of these issues have been at the forefront of the DBIR for a number of years, it’s notable that human error is still a significant cause of data breaches and most breaches are financially motivated, involving external actors. Ransomware also remains one of the top threats for many organizations. 

What do these findings mean for your company, and how can your organization use the DBIR to make smarter security decisions? BARR is here to help you out. 

How can companies use this report to improve their security program? 

“From a risk assessment perspective, consider this report free threat intelligence. For companies not sure where to start on their security journey, the DBIR shows you where to focus,” said Brad Thies, president and founder of BARR Advisory. 

“Ask yourself, where is your risk with credentials? Phishing? How are you managing vulnerabilities and your triage response? Would you know if a botnet had taken over your network? If you can bake in security to prevent those top causes, you’re off to a great start,” Thies explained. 

The report also includes industry-specific guides for businesses to use as they work on improving their security posture. For example, page 56 is geared toward healthcare organizations, and on page 65, you can find helpful data for small and medium-sized businesses. These industry guides provide organizations with information like top patterns and common threat actors as well as guidance on what to prioritize within their specific security programs. 

Become a security-first company

If we’ve learned anything from the data breaches of the past few years, it’s that security needs to be a priority for all organizations. Armed with the insight from the DBIR, organizations can use this information to become a security-first company. 

“Security needs to be a part of company identity,” according to Thies. He discussed Equifax as an example of this. Prior to the notorious Equifax data breach in 2017, the company had a lax attitude in security and flawed security operations. After the breach, the company overhauled their security program and transformed their company identity to be security first. This included enhancing customer experience, building trust, becoming an industry leader in data security, and investing in security infrastructure. 

“If you put stake in who you are, the outcomes are easier to attain,” Thies explained. 

Ultimately, hackers aren’t interested in whether or not your company is compliant. They care about getting into and navigate your system. While it can be difficult to create real, lasting change to your security program, the DBIR serves as an invaluable resource for any business who wants to establish themselves as a security organization.

Interested in learning more about how to leverage the DBIR to improve your company’s security posture? Contact us today.