Six key findings from the 2022 Data Breach Investigations Report (DBIR)
Knowledge is power. With the right threat information, you will know what attacks to expect and how you can best defend against them. And Verizon’s Data Breach Incident Report (DBIR) has consistently provided excellent, actionable threat information that can guide your security program and protect your organization.
Today, Verizon released their 2022 edition of the DBIR. This report is their 15th annual report, and it’s their most comprehensive report yet. It analyzes 5,212 breaches in 2021, which occurred within organizations spread across 11 different verticals and four large regions.
Let’s quickly dig into a few initial impressions and insights from this report.
First Reaction: The report’s 6 key findings
Soon, we will provide an in-depth breakdown of the report. Today, we’ll quickly outline six key findings from the report worth immediate consideration.
1. Supply chain security matters
The report found that just one supply chain breach in late 2020 was enough to shift an entire year’s breach demographics to a meaningful degree. This demonstrates how a single breached vendor can compromise countless customers and why it’s critical to monitor and defend against incidents coming from your vendors.
The DBIR report found that just one supply chain breach in late 2020 was enough to shift an entire year’s breach demographics to a meaningful degree.
2. Ransomware remains on the rise
The report found that ransomware has increased substantially in breaches. There are a few likely reasons for this. A ransom request can be “tacked on” to almost any breach. Organizations continue to increase their attack surface and struggle to stop the lateral movement that ransomware relies on. And simply put, ransomware continues to work and remains an effective way to extort a victim organization. Fortify your defenses with our practical ransomware defense framework – download the e-book here.
3. There are four main vectors for a breach
Most successful attacks use four main attack methods to penetrate their victim’s network and begin their attack. They compromise credentials, send phishing messages, deploy botnets, or exploit known vulnerabilities in their victim’s IT infrastructure. None of these are new, but they continue to create significant breaches.
4. Humans are still usually the weak link
The “human element” is still a significant security issue beneath many breaches. Humans continue to click malicious links, they continue to give away or otherwise lose their credentials, and they continue to make poor security decisions in the moment otherwise that attackers exploit to gain access to their victim’s networks.
5. Very small businesses are now under attack
First, cyberattacks primarily targeted enterprises. In recent years, we saw attacks evolve and become scalable and efficient enough to target SMBs. Now, very small businesses with even ten employees or less are under attack. Every company of every size must now take security seriously, be on the lookout for indicators that they have suffered a breach, and report incidents that they have suffered.
6. It isn’t all bad news
Finally, there are some promising signs. Organizations take some security recommendations to heart, deploy them effectively, and make specific attack vectors less effective. For example, misconfiguration errors are decreasing, suggesting that fewer cloud resources are being exposed to the internet, and the threat of Cloud data breaches and loss is falling.
Learn (much) more in the 2022 DBIR Report today
The full report provides significantly more detail about the state of cybersecurity today and what you must do to defend yourself against today’s biggest threats. Specifically, the report details:
- How attacks have evolved from 2008 to 2022 regarding the VERIS 4A’s (Actor, Action, Asset, and Attribute)
- The most common attack timeline that modern cyber incidents follow and that you must prepare defenses against
- The specific attack patterns that dominated 2021 analyzed in-depth
Atos CSIRT has been an active contributor to the Verizon DBIR over the last four years and helps clients worldwide manage security incidents. Talk to an Atos security expert for a one-on-one consultation on how to combat threats highlighted in DBIR.