https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • MSP 501 Rankings
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Vertical Markets


Shutterstock

Data Breach

Verizon Data Breach Investigations Report: Money Is Top Motivator

  • Written by Edward Gately
  • May 20, 2020
Not shockingly, malicious hackers want your money. But there are some surprising results.

Cold, hard cash is what matters most to cybercriminals, according to the latest Verizon Business Data Breach Investigations Report (DBIR).

The 13th annual data breach investigations report analyzed 32,002 security incidents. Of those, the carrier confirmed 3,950 were breaches. Verizon analyzed just half that many – 2,013 – in last year’s report.

Verizon DBIR 2020

This year’s Verizon DBIR found credential theft and social attacks such as phishing and business email compromises at the heart of most breaches.

These cases came from 81 global contributors from 81 countries.

“As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount,” said Tami Erwin, Verizon Business‘ CEO. “In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious.”

Money motivated criminals in nearly nine of the 10 breaches. In addition, external actors continue to cause the vast majority of breaches. Organized crime accounts for 55% of these.

Credential theft and social attacks such as phishing and business email compromises (BEC) are at the heart of most breaches. Specifically, more than one third (37%) of credential theft breaches used stolen or weak credentials. One in four (25%) involved phishing, and human error accounted for more than one in five (22%).

New Surprises

Gabriel Bassett is a data scientist at Verizon and DBIR co-author. He said there are two surprises in the latest data breach investigations report.

Verizon's Gabriel Bassett

Verizon’s Gabriel Bassett

“First, web applications doubling in breaches sets an ominous tone for the 2021 DBIR,” he said. “This is heavily tied to the use of stolen credentials. For organizations that have transitioned to supporting a remote workforce using web services, this won’t be as much of an issue. But for organizations just now making that transition, this may be a challenge. The attackers are already there waiting for them.”

The second surprise is the increase in errors overtaking malware as a cause of breaches, Bassett said.

“It was driven by an increase in discovery of cloud storage (both file storage and databases) that were shared publicly but contained private information,” he said. “On the other hand, while some malware (such as ransomware and password dumpers) increased, common types of malware we traditionally think of (for example, trojans) dropped precipitously. I think this change points to progress in security, but also suggests that organizations need to refocus some of their defensive resources on improving processes to avoid and mitigate errors rather than worrying about the latest malware threat.”

Four in five (80%) web application breaches involved stolen credentials. That’s a worrisome trend as business-critical workflows continue to move to the cloud.

Ransomware also saw a slight increase, found in 27% of malware incidents. That’s up from 24% in the 2019 DBIR. More than one in six (18%) organizations reported blocking at least one piece of ransomware last year.

“I think the first thing to take away is that many of the things we do in security work and work well, so we need to ensure that these strategies continue to be used,” Bassett said. “Firewalls, antivirus, web and email proxies, patching and vulnerability scanning are all helping us stay secure.”

Opportunities for Cybersecurity Providers

Still, there are opportunities, he said. Phishing and credentials are still the top actions, he said.

“While we know what to do about these, many organizations need help implementing them — whether it’s two-factor authentication, phishing response or transition to email solutions with robust phishing protections,” Bassett said. “There are also up-and-coming opportunities such as better asset management or process improvement (long applied to manufacturing) to prevent errors leading to breaches. I also believe thinking in terms of paths offers a huge array of opportunities to reimagine how we accomplish security tasks.”

Every organization, large or small, needs security operations, he said.

“While large organizations may be able to maintain a security operations center (SOC), small and medium organizations need to …

  • Page 1
  • Page 2
Tags: Agents Backup & Disaster Recovery Cloud Data Centers Security Vertical Markets

Most Recent


  • Making Waves
    7 Channel People Making Waves This Week at TD Synnex, Veeam, Kaseya, Zendesk, More
    Microsoft has discovered malicious activity by a state-sponsored threat actor based in China.
  • Businessman reading cloud computing news
    Cloud Computing News: VMware, Celigo, Google Cloud, AWS Dominate the Week
    Find out what the vendors are up to this week and how partners are impacted.
  • OffSec Partners Get Expanded Global Partner Program
    The expanded partner program includes three new partner types.
  • zero day vulnerability
    Barracuda Networks Identifies Long-Exploited Zero-Day Vulnerability
    The earliest identified evidence of exploitation dates back to October 2022.

One comment

  1. Avatar Patrick Spencer, Senior Director, Contrast Security May 26, 2020 @ 1:58 am
    Reply

    “Web applications are a growing focus point for cyber criminals. Motivated by financial outcomes, they understand the value of the information exchanged and stored in web applications. The 2020 Verizon Data Breach Investigations Report (DBIR) confirms that this is the case: 43% of data breaches are tied to web application vulnerabilities—which more than doubled year over year. Legacy, outside-in DevOps security is failing, and a new approach is needed that takes an inside-out approach.”

    Patrick Spencer, Senior Director, Contrast Security

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cloud Certification
    CompTIA Updates Cloud+ Certification, Drops New AI Guide for Businesses
  • cybersecurity lock
    Telos Partners Get New CyberProtect Partner Program
  • Cloud security
    VMware Debuts Cloud Web Security on SASE Platform
  • Benefit, Plus Sign
    TBI, Avant Add New Cloud, Security Suppliers to Lineups

Upcoming Events

View all

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Galleries

View all

7 Channel People Making Waves This Week at TD Synnex, Veeam, Kaseya, Zendesk, More

June 2, 2023

Cloud Computing News: VMware, Celigo, Google Cloud, AWS Dominate the Week

June 2, 2023

Channel People on the Move: HPE, Lumen, Sophos, TD Synnex, AireSpring, More

June 1, 2023

Industry Perspectives

View all

Dell Technologies World: Dell Apex Expanded Across On-Premises, Cloud and Edge

May 22, 2023

Identity Is Increasingly Valuable – and Targeted

May 18, 2023

Gaining a Competitive Advantage through AV Managed Services

May 10, 2023

Webinars

View all

From Problem to Profit: Mastering the Science of Selling Using Business Outcomes

May 9, 2023

Meet the 2023 Channel Futures Channel Influencers

April 13, 2023

DE&I Dialogue: How the Right DE&I Initiatives Can Propel Your Business

April 5, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode No. 123: MartinWolf M&A Advisors, CP Expo Preview

UScellular Takes On Rivals with Partner Program Simplicity

April 21, 2023

OpenText Simplifying Deal Registration, Doubling Down on MDF

April 21, 2023

Everything-as-a-Service: CloudBlue Touts Critical Customer Transition

April 18, 2023

Twitter

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X