Verizon’s recently released annual Data Breach Investigation Report (DBIR) makes for interesting if frightful reading. It seems no matter how hard we as an industry beat the security drums, data breaches are still a daily and costly fact of life.
The 2019 report is based on the analysis of 41,686 security incidents, of which 2,013 were confirmed data breaches. This data came from “73 data sources, 66 of which are organizations external to Verizon.”
Key stats include:
- 69% of data breaches last year were perpetrated by outsiders. What this means is that if companies could completely secure their perimeters, data breaches would flip from an existential business threat to an IT nuisance almost overnight. While internal fraud is obviously important to combat, it is the detection and management of external threats that security teams need to prioritize in terms of resources.
- 43% of data breaches involved small business victims. While the Targets, Home Depots, and Equifaxes of the world get all the headlines when their data are breached, small businesses are increasingly becoming the victims of attacks. That’s because, unlike those Fortune 500 companies, small businesses often don’t have the resources or technical know-how to secure their organizations from increasingly sophisticated attacks. Everyone is now a target, not just Target.
- 56% of breaches took months or longer to discover. In a perfect world, a data breach would be like a security alarm — the second a criminal breaks in, an alarm would go off to alert your team while notifying the authorities, allowing you to catch the crook red-handed. In reality, the cybercrook has time to break in, hang out, take a few naps, look around, steal what they want, and disappear weeks before anyone notices. Since it is difficult to stop a data breach in the act, your ability to detect and respond to threats is key.
- 43% of breaches that occurred involved phishing. Technical data breaches that involve hardcore hacking are terrible, but at least it feels like you were attacked by a computer mastermind. With phishing attacks, your employees were basically conned into clicking a link, emailing their personal information, or wiring money. Such phishing attacks are becoming more common, and are sophisticated enough to even fool people who understand the threats they pose. You must have a security solution that includes common sense as much as any technical security measure.
The takeaway from these stats is that every business, big and small, needs to be diligent in managing the detection and response of data breaches so it can stay safe and secure. Attackers need to start somewhere, whether they’re hacking into an unsecured server or a tricking a naive employee to bite on a phishing email. The better you can monitor, detect, and reduce the number of potential starting points a hacker can use to attack your business, and the more you can improve your response process for when compromises occur, the less likely you’ll experience a significant data breach.
It’s no longer a question of “if” you’re at risk for a breach. It’s a matter of “when” you’ll experience a breach, how bad it will be, and what you’ll do in response. In fact, you’ve likely already been breached and don’t even know it. The question is: What will you do now?
By shifting from a preventative mindset to a focus on threat detection and response, you’ll be better positioned to stop breaches before they occur while mitigating the damage once they do. However, few companies have the cybersecurity resources to do this effectively in-house, at scale.
Consider an Outsourced Solution
For most businesses, a security operations center (SOC)-as-a-service like Arctic Wolf is necessary to provide comprehensive managed detection and response, 24/7 monitoring, vulnerability assessment and threat analysis, and incident response needed to keep up with today’s cyberthreats. Arctic Wolf can help you prioritize vulnerabilities that require patching, address security incidents that require investigation, and improve your overall security posture so that you don’t end up in next year’s DBIR.
Discover how small to mid-size enterprises can gain access to the required people, process, and technology that make up SOC-as-a-service by downloading the Definitive Guide to SOC-as-a-Service.