Most Data Breaches Avoidable, Verizon Report Finds
Breaches of electronic records last year involved more insider threats,
greater use of social engineering and the continued strong involvement of
organized criminal groups, according to communication giant Verizon's 2010 Data
Breach Investigations Report, in collaboration with the U.S. Secret Service. However,
the overall number of breaches investigated last year declined from the
previous year-"a promising" indication, the study said.
The report found most data breaches investigated were caused by external sources: Sixty-nine percent of breaches resulted from these sources, while only 11 percent of breaches were linked to business partners. The study said insiders caused 49 percent of breaches, which is an increase over previous report findings, primarily due to an expanded dataset and the types of cases studied by the Secret Service, Verizon said.
Many breaches involved privilege misuse, the report stated, with 48 percent of breaches attributed to users who, for malicious purposes, abused their right to access corporate information. An additional 40 percent of breaches were the result of hacking, while 28 percent were due to social tactics and 14 percent to physical attacks. The reported said as in previous years, nearly all data was breached from servers and online applications, with 85 percent of breaches not considered highly difficult; 87 percent of victims had evidence of the breach in their log files, yet missed it.
"The reduction in breaches is a positive sign that we are gaining some ground in the fight against cybercrime," said Verizon Business' vice president of technology and enterprise innovation, Peter Tippett. "As we are able to share more information through the use of the VERIS security research framework to gather comparative security data such as the caseload of the Secret Service, we believe we will be even better equipped to arm organizations with best practices, processes, tools and services that will continue to make a difference."
Data breaches continue to occur, according to the report, within all types of organizations. Financial services, hospitality and retail still make up the "Big Three" of industries affected (33 percent, 23 percent and 15 percent, respectively) in the merged Verizon-Secret Service dataset, though tech services edged out retail in Verizon's caseload. A growing percentage of cases and a stunning 94 percent of all compromised records in 2009 were attributable to financial services. More than half of the breaches investigated by Verizon in 2009 occurred outside the United States, while the bulk of the breaches investigated by the Secret Service occurred in the United States. The report found no correlation between an organization's size and its chances of suffering a data breach.
The 2010 report concluded that being prepared remains the best defense against security breaches. "For the most part, organizations still remain sluggish in detecting and responding to incidents. Most breaches (60 percent) continue to be discovered by external parties and then only after a considerable amount of time," the report concluded. "And while most victimized organizations have evidence of a breach in their security logs, they often overlook them due to a lack of staff, tools or processes."