Verizon Breach Report: Attackers Take Only Seconds To Capitalize On A Basic Security Mistake


Greg Bell, IT director at Nashville, Tenn.-based DCI Donor Services, a provider of tissue bank services, said his IT team of seven relies on Trend Micro for endpoint security protection, but the company's field managers handle donor cases from remote locations, making the process of securing systems more complicated. The Verizon analysis found that lost or stolen devices -- mainly laptops -- were the biggest cause of data breaches in the health-care industry. At DCI Donor Services, Bell's team is currently deploying additional monitoring to watch traffic flow at key entry points to the corporate network. The increased visibility will help the team detect threats and prioritize risk reduction efforts, Bell said.

"We're just going to have far more proactive and valuable information we can use to protect systems that provide key services," Bell told CRN. "It's the things we don't see coming that worry me the most, and I think the biggest thing for us is to identify and react as quickly as we can to threats so that we can contain a problem before it gets out of control."

For the first time, the 2014 Verizon Data Breach Investigations Report contained information gleaned from 63,000 confirmed security incidents. Verizon said this year's data was collected from 50 organizations, including industry information security and analysis centers, law enforcement agencies from various countries, security vendors and private sector organizations.

The Verizon analysis combined threat actors, hacking techniques and the assets being targeted by attackers to uncover common incident patterns for the first time. According to Verizon, nine patterns can describe 92 percent of the more than 100,000 security incidents it has collected over the past decade.

Web application attacks, cyberespionage and card skimming are the top three incident patterns that result in data breaches, Verizon said. But a review of tens of thousands of security incidents found employees at the core of many security incidents.

Miscellaneous errors such as emailing personally identifiable information topped the list of incident patterns. Human errors were associated with more than 16,500 security incidents and 412 confirmed breaches in 2013. Insider threats and privilege abuse, an often underreported issue, also ranked high over the 10-year review period. Verizon said malicious insiders and partners were associated with more than 11,000 security incidents and 112 data breaches in 2013, mainly by abusing account privileges. 

NEXT: Verizon Report Highlights Need For Patch Management