https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Data security

4 Takeaways from Verizon’s Data Breach Investigations Report: Wising up to Phishing?

  • Written by James Anderson
  • May 8, 2019
Employees are getting smart about phishing, but their bosses? Not so much.

“Why don’t we skip all the hard hacking and just, you know, ask for the money?”

That simple mindset drives cybercriminals to con executives into unwittingly handing over precious data, according to the 2019 Verizon Data Breach Investigations Report (DBIR).

The likelihood of senior executives succumbing to social breaches was nine times more likely than in previous years, according to the study. Many of these breaches could have been prevented with rudimentary security protocol, according to Gabe Bassett, the senior information security data scientist on the Verizon Security Research team.

Hi y’all. Today I get to share the 2019 @VZDBIR with you: https://t.co/JwybL24WpT It’s been 6mo and 73 contributors in the making. If you haven’t heard of it, it’s a data driven report on the incidents and breaches from the last year. We hope it helps you improve your defenses!

— Gabe The Engineer (@gdbassett) May 8, 2019

Verizon unveiled results from its 2019 Data Breach Investigations Report Wednesday. The data shows the demographics of both attackers and victims shifting. Below are four interesting findings.

Bassett,Gabe_Verizon

Verizon’s Gabe Bassett

Phishing for Execs

The C-suite saw a target on its back in the last year, getting particularly hammered in the professional services industry, where they accounted for 20 percent of the compromises.

Bassett said social pretexting – better known as phishing – is a chief strategy that turns your boss into a sucker. Most cases of phishing saw the threat actor exploit a person using a link or an attachment. The attachments are typically macro-enabled Microsoft Office documents or Windows executables.

Businesses should have policies in place to filter out a significant portion of these attacks.

verizon phishing

Source: Verizon Data Breach Investigations Report

“The reality is, no one’s getting their software updates by email,” Bassett said. “So block Windows executables at the mail gateway. Block macro-enabled Office documents at the mail gateway. Block links at the mail gateway and let people go in and say, ‘Yes, this is something I was expecting.'”

But there’s great news on the phishing front: Employees are catching on. Click rates in phishing exercises dipped below 3% this year, according to the study. Thirty-two percent of breaches involved phishing last year, according to the report, so businesses may be rising to the challenge of one of the most popular threat actions. Your move, bad guys.

 

A Shift in Perpetrators

Outsider threats remain most prevalent, but we’ve seen a slow but consistent changing of the guard over the last few years. Outsiders perpetrated 75% of breaches in 2017, with inside actors involved in 25% of them. The ratio turned to 73-28 in 2018 and sits at 69-34 in 2019. That doesn’t mean the insiders have malicious intentions, but as we discussed in the previous paragraph, even the most well-intentioned employees can be complicit in a breach if they lack the proper education and protocal.

SMBs Drop

Small and medium-size businesses accounted for a smaller percentage of breaches than in previous years. Bassett and the Verizon team didn’t discover any clear drivers, but the results are quite suggestive.

Forty-three percent of the breached companies in the latest report are categorized as SMBs. That’s still a staggering number, but it represents a decrease of sorts. We wrote in 2017 that the number was 61%. The percentage dropped to 58 in 2018.

Verizon 2019 DBIR

Source: 2019 Verizon Data Breach Investigations Report

One of the steps SMBs can do to improve their data protection is …

  • Page 1
  • Page 2
Tags: Agents Security

Most Recent


  • Q&A
    Ingram Micro Talks AWS Partnership Success, CloudBlue, MSPs, Cybersecurity, More
    “AWS and Ingram are doing all the right things to develop partners’ competency," said Ingram Micro's executive director, cloud services.
  • Managed Security Services
    Verizon Data Breach Investigation Report: Employee Cybersecurity Training Still Lagging as Stolen Credentials Rise
    The DBIR team examined more than 914,000 incidents and nearly 235,000 data breaches.
  • Eight, 8
    8 Takeaways You Need to Know from AWS’ Public Sector Summit
    Get the scoop from Jeffrey Kratz, who now leads the vendor’s public sector partner program.
  • business questions
    To Pay or Not to Pay: Big Question When Hit with Ransomware
    This is likely the toughest decision a CISO has to make in their entire career.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • USB drive
    A Coup and a Theft: Why MSPs Can’t Let Clients Get Lax About USB Security
  • Ransomware skull and crossbones
    JBS Did What it 'Needed to Do' with $11 Million Ransom Payment
  • hybrid clouds
    Nutanix, HPE Team on Hybrid, Multicloud via GreenLake
  • lone Arctic wolf
    Arctic Wolf Enhances Partner Program with 2 New Tiers

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

Verizon Data Breach Investigation Report: Employee Cybersecurity Training Still Lagging as Stolen Credentials Rise

May 24, 2022

8 Takeaways You Need to Know from AWS’ Public Sector Summit

May 24, 2022

Top 5 Cloud, Data Announcements from Informatica World

May 24, 2022

Industry Perspectives

View all

Leverage Your MSP’s People Power

May 24, 2022

How SD-WAN Helps Secure the Expanding Network Perimeter

May 19, 2022

A Sneak Peek at the 2022 BrightCloud Threat Report

May 17, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

The AT&T Cybersecurity Incident Response Toolkit

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

.@IngramMicroInc's John Dusett talks @ThisIsCloudBlue, MSPs, cybersecurity, AWS and more. dlvr.it/SR0Cw1 https://t.co/OpcZRj9fdb

May 24, 2022
ChannelFutures

.@VZDBIR dove deep into the latest #databreach trends. @TheMediaTrust @saryunayyar @Gurucul @olsontmt… twitter.com/i/web/status/1…

May 24, 2022
ChannelFutures

Using people power to drive #profitability and capitalize on emerging #tech @Sherweb #MSPs dlvr.it/SQzrrl https://t.co/XwLfY492B0

May 24, 2022
ChannelFutures

.@Unit4Global @embridgeconsult talk the shift away from service delivery to sales #ERP. dlvr.it/SQzmPV https://t.co/dKLAPIKfzS

May 24, 2022
ChannelFutures

This Thursday, join us online for this incredible discussion, hosted by @chachelly of @figfirm, and featuring the i… twitter.com/i/web/status/1…

May 24, 2022
ChannelFutures

Check out the news coming from @Informatica today regarding cloud, data, #AI. #InformaticaWorld… twitter.com/i/web/status/1…

May 24, 2022
ChannelFutures

What are traits of a valuable vendor/partner relationship? We asked our roundtable partner participants to weigh in… twitter.com/i/web/status/1…

May 23, 2022
ChannelFutures

.@Microsoft pres. @BradSmi on how the co. supports #Ukraine with $100M of free tech to fight #cyberattacks.… twitter.com/i/web/status/1…

May 23, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X