1Verizon Data Breach Study Finds Old Flaws Remain Dangerous
by Sean Michael Kerner
2Security Incidents Span Myriad Industries
No industry is immune from security breaches and data loss events. The Verizon report found attacks across multiple industries and organization sizes.
3Majority of Organizations Are Compromised Quickly
Verizon’s analysis found that in 60 percent of cases, attackers were able to compromise an organization within minutes.
4Manufacturing Is Top Target of Cyber-espionage
When it comes to cyber-espionage, Verizon found that manufacturing is the most targeted industry.
5Social Engineering Attacks Still Work
Among the high-level findings is the fact that social engineering attacks still work. Verizon reported that 23 percent of recipients open phishing emails, while 11 percent will click on unknown email attachments. When it comes to cyber-espionage, Verizon found phishing to be the most common attack pattern.
6Most Exploited Vulnerabilities Are Over a Year Old
While there is always concern in the security community about zero-day vulnerabilities, Verizon found that 99.9 percent of the exploited vulnerabilities in 2014 had been compromised more than a year after the associated CVE (Common Vulnerabilities and Exposures) was published.
710 CVEs Represent 97 Percent of Exploits
Looking a level deeper, Verizon found that out of all the CVEs in existence, 10 of them were responsible for 97 percent of the attacks observed in 2014.
8Mobile Is Not a Prime Target
While mobile malware does exist, when it comes to the total number of infections, Verizon sees little reason to worry. Verizon found that an average of only 0.03 percent of smartphones per week, out of the millions on Verizon’s network, were in fact infected with malicious code.
9Data Breach Financial Losses Vary
As part of its analysis, Verizon looked at the cost of a data breach and found that the cost can vary by a wide range. For example, on a data breach of 1 million records, costs could range from a low of $57,600 to a high of $27.5 million.