The Verizon 2020 Data Breach Incident Report:
Business Data Trends and Breaches
Release Date: 26/02/2021
Author: Grace Maher
The Verizon 2020 Data Breach Incident Report is one of the most verbose and mature to date delivering a wider global view with in depth detail, analysing over 150,000 incidents and almost 4000 confirmed data breaches. The Verizon yearly report is one of the best ways of reviewing data trends within businesses and also any trends within their confirmed breaches.
What are the trends?
The surprising trend is a sharp decline in security incidents (32,000), but of these almost 4000 were confirmed data breaches. This year’s report also contained a new way of segregating the findings into industry verticals that are aligned in the MITRE ATT&CK framework – making it easier for businesses to implement specific measures for trends within their industry.
Nearly half of the breaches investigated involved hacking, utilising phishing emails and rogue attachments unsurprisingly was the most common method of gaining entry, with the main targets being Web Apps, Workstation access and Email. Email is always a recurring theme within the DBIR reports due to the way that they are the ‘key’ to our daily work lives, from credentials, personal data, files we own and that have been shared, and even the ability to use this corporate access to laterally move across your networks looking for more sensitive information. Ensuring that your teams understand phishing emails or malicious attachments, how to spot them, and most importantly what to do when you do receive one, is becoming ever increasingly important to a strong security awareness practice. KnowBe4 (Link to KnowBe4 Technology page) is one of the best ways to make security awareness content interesting, engaging, and memorable for your end users. KnowBe4 provides simulated phishing and malicious email campaigns at the tip of your fingers, so you can always check in on how people are putting into practice what they have learnt.
Also on the rise was the breaches due to human error and misconfiguration – there were many cloud storage buckets open to the public, and firewall misconfigurations made it far too easy for outsiders to remotely access the network at their will. This shows that security is a fine line between usability and creating a secure environment. If it becomes too complex, users will always find the easier way round, and too relaxed can lead to inherent insecurity.
What about the Cloud?
Cloud applications were involved in 24% of all breaches, however, of these cloud breaches 77% involved stolen and compromised credentials. So much of cloud access by remote users just relies on a password, which is easily negated by cyber criminals looking to gain access to your valuable assets. Stolen credentials from brute force attacks against web applications is still one of the most common techniques with attacks doubling in this year’s report. A strong access cloud security strategy should be implemented for any businesses utilising cloud applications, and Okta link to Okta page is one of the industry leading Identity as a Service platforms. Okta provides you with a single seamless interface to manage and provide access to your on-prem, cloud and SaaS applications, integrated into AD, but leveraging adaptive multi-factor, and even location based challenges for anomalous logins.
To summarise, size does not matter to cyber criminals, data is one of the most valuable assets within your organisation and they will utilise any method they can to try and access it. It is clear that in general businesses do have to focus on educating end users, ensuring best practices for security are followed and also securing their cloud applications – whilst also making sure configurations of cloud data storage are stricter.
Get Notified for New Blogs:
We post regularly on the platforms below, notifying our audience when we publish new pieces.
All views expressed on this blog are the author’s own and do not represent the opinions of any entity whatsoever with which the author
has been, is now or will be affiliated, inc. this organisation whose website the blog is hosted on, or any partner of this organisation.