Verizon’s 2021 DBIR: Key Findings and Insights

Threats are increasing, but you can defend yourself against them. To do so, you need to know what threats will knock on your door, what kind of impact they can cause, and how to defend against them.

Today, I will summarize some key findings from Verizon’s comprehensive 2021 Data Breach Investigation Report (DBIR). Verizon analyzed 79,635 security incidents, which resulted in 5,258 confirmed data breaches (up from 3,950 in the 2020 edition).

This report is a substantial annual project, and Verizon did not do it alone. 83 different security organizations contributed — including Atos. In the coming days, my colleagues will publish industry-wise thoughts and analyses.

To begin, let’s dig into two of the most critical sections of Verizon’s 2021 report.
The first covers how much damage threats are causing today and why it’s critical to establish defenses against them proactively. The second outlines the eight most common threats you will face — and have to defend against — over the coming year.

Worse than you think: The impact of today’s biggest threats

Verizon’s report attaches some real numbers to the average cost of a modern security breach, providing a range of reported costs and financial losses associated with the different types of damage a breach can cause. By reviewing these numbers and adding them together, you can begin to define exactly how much an incident might cost.

Please note that Verizon used data reported by individuals and organizations of every size, resulting in a wide range of possible losses. When considering your potential losses, take your organization’s size into account.

Direct financial lossesBreaches (business email compromise and computer data breaches) caused a direct loss of anywhere between $250 – $1.6 million.

Median loss: $30,000

Digital forensics and incident response (DFIR) costsThese costs ranged between $2,400 – $336,500.

Median loss: $18,000

Legal costsThese costs ranged between $800 – $54,000
Impact on stock priceAfter a breach, organizations experience a devaluation of 5%

Verizon’s report runs some rough calculations and determines that 95% of breaches will create a total impact ranging from $826 – $653,587, with the most significant breaches causing a multi-million-dollar impact.

Bottom line: While the total impact on individuals appears to be minor, medium to large organizations can expect to incur tens or hundreds of thousands of dollars in damages for every breach.

Verizon’s report is long and detailed — a must-read for any cybersecurity professional. We have only scratched the surface, so watch this space for more analysis and commentary.

Eight Attacks: Today’s Most Common Threat Patterns

Verizon’s report updated its threat patterns to align with today’s evolving threat landscape. Ultimately, they found that 99.3% of analyzed breaches and 99.6% of investigated incidents were caused by one of the following eight threat patterns:

Social engineering3,841 incidents involved social engineering, with most caused by phishing or business email compromise (BEC). Most also involved stolen credentials, and nearly half (1,767) resulted in confirmed data loss.
Basic web application attacks4,862 incidents involved simple threats with direct objectives seeking low-hanging fruit — such as accessing email or web app data or distributing malware — after the initial application compromise.
System intrusionA new attack pattern, resulting in 3,710 incidents that involved complex, multi-step attacks. Most (70%) involved malware, and a significant minority (40%) involved hacking, stolen credentials, or brute force attacks.
Miscellaneous errors919 incidents involved unintentional mistakes, such as misconfigured database assets or employees sending data to the wrong recipient. The majority (896) of these incidents resulted in confirmed data loss.
Privilege misuse265 incidents involved privilege abuse by financially motivated internal actors performing fraud, with 222 of these incidents resulting in confirmed data loss. Most often, personal information was stolen.
Lost and stolen assets1,295 incidents involved lost or stolen devices, with 57% of incidents involving missing desktops or laptops. However, the report notes that 2020 was a non-representative year for these incidents due to work-from-home.
Denial of service14,335 incidents involved attackers compromising network and system availability. While preventable, DDoS attacks were unpredictable and followed multiple patterns and packet types and sizes.
Everything elseThe remaining 129 incidents involved a grab bag of threat patterns, primarily based around breaches of an organization’s physical security.

 

Bottom line: Organizations face a wide range of threats, each of which can result in a breach, a ransom demand, data loss and any number of adverse outcomes. Organizations require an equally wide range of defenses to protect themselves.

 

Take the Next Step: Defend Against Today’s Threats

Verizon’s report is long and detailed — a must-read for any cybersecurity professional. Our brief blog has only scratched the surface, so watch this space for more analysis and commentary from our cybersecurity experts. However, we want to make two points abundantly clear:

A breach will cost your organization a significant amount of direct or indirect financial loss — justifying the expense of robust, preventative cybersecurity.

There is no single threat pattern to defend against — your cybersecurity investments must span a wide range of services and capabilities.

To learn more and dig into the details, access your copy of Verizon's report.

To discuss the report’s findings and learn how to build effective defenses against today’s threats, contact Atos today for a free, no-obligation consultation with a cybersecurity expert.

 

Share this blog article


About Jose Varghese
Global Domain Head of Security Operations Center(SOC)
Jose Varghese is the Global Domain Head of Security Operations Center(SOC), BDS Cybersecurity Services at Atos. Before this, Jose co-founded Paladion and was the head of delivery for MDR services. He over 25 years of IT services delivery experience, out of which 20 years was with Paladion and was focused on cybersecurity. At Paladion, Jose started with security product deployment projects focusing on Firewalls, Intrusion Prevention Systems and Anti Virus. After gaining experience in key security technologies, he moved to designing and implementaion of information security policies for large enterprise customers in Aisa. Jose was actively involved in the setting up of Paladion 24/7 Security Operations center (SOC) in Bangalore in 2006. Jose received his B.Tech in Applied Electronics in 1995 and worked with Wipro for five years before co-founding Paladion in 2000.

Follow or contact Jose