Reality…no company can prevent a breach!
Earlier this month I was a guest speaker at the 2021 Nebraska Credit Union League Annual Meeting & Convention.
One of my talking points was the reality of data breaches and how the final story of most data breach events rarely matches the initial news report. Initial reports describe what is known about the breach at the time. They never cover the long-term impact on the affected individuals and small businesses.
In case you missed it, some of the notable data breaches so far in 2021 include CNA, Experian, Facebook, GEICO, Instagram, LinkedIn, Microsoft, and Tesla.
The irony of these data breaches is that these businesses pride themselves on safeguarding PII (Personally Identifiable Information). A further irony is that these businesses have more financial and information technology resources than most other businesses, and yet they still cannot prevent a data breach event from happening.
The reality of data breaches is that they occur almost every day, whether through an accidental release (a polite phrase for carelessness, incompetence, or simple stupidity) or through malicious intent (where the insider threat is a common focal point, even though the media focuses heavily on hacking events).
To add clarity to the above, the recently released 2021 Verizon Data Breach Investigations Report provides the latest data breach trends and statistics, which can help both consumers and employees be proactive in reducing their exposure to identity theft and data breaches.
This year’s Data Breach Investigations Report (DBIR) defines terms such as “incident” and “breach” accurately and completely, and it highlights realities of data breaches that can support a cyber-risk management strategy for all businesses in general and small businesses in particular.
Things to know
- Social engineering is the most successful attack
- The top hacking vector in breaches is web application servers
- Denial of service is the most frequent way incidents occur
- 85 percent of breaches involved a human element
- Financially motivated attacks are the most common
- Organized crime continues to be the number one attacker
- External cloud assets were compromised more often than on-premises assets
- Attackers continue to exploit older, unpatched vulnerabilities
- Credentials remain one of the most sought-after data types, followed by personal information
- Employees continue to make mistakes that cause incidents and breaches
- Lost and stolen devices
- Misuse of privileges
- Business email compromise was the second most common form of social engineering (complacency makes hackers successful)
- The majority of social engineering incidents were discovered externally
The DBIR also states that “phishing continues to be a top cause of data breaches, followed by stolen credentials and ransomware. Threat actors ‘will first exfiltrate the data they encrypt’ and threaten to reveal it publicly if the ransom isn’t paid.”
To conclude: while this year’s Verizon report highlights “the importance of building a culture of cybersecurity vigilance,” I believe that having a response and recovery program in place is just as important as having an information security and governance program in place.
Why? Because I believe the reality of data breaches is that “no one company can ever prevent itself from experiencing a data breach event.” This is something I have been writing and speaking about for the last 15 years.
By Mark Pribish
Vice President and ID Theft Practice Leader