
Cybersecurity in 2024: Important Insights from Verizon and IBM Reports

Knowledge is power — especially when it comes to cybersecurity. Verizon’s 17th annual Data Breach Investigations Report (DBIR) and IBM’s 19th annual Cost of a Data Breach report provide businesses with information on the latest cyber threats and trends. 

Don’t have time to read nearly 150 pages of stats and insights? No problem. To help small and medium-sized organizations make the most of the reports, we’ve identified key takeaways that can significantly impact your cybersecurity strategy. Here’s what you need to know to better protect your organization’s people, data, and systems. 

Takeaway 1: Ransomware Attacks Remain a Top Threat

Ransomware — where hackers steal and encrypt an organization’s data and hold it for ransom until the organization pays them to decrypt it and restore access — was noted as a top threat among 92% of all industries in the Verizon report. 

But ransomware’s impact goes far beyond data encryption—attacks cause operational downtime, financial losses from ransom payments and recovery efforts, and potential long-term reputational damage. IBM found that the average cost of a ransomware incident was $4.88 million, and ransomware is the culprit behind one out of every three data breaches in small and medium-sized businesses.  

So, how can you protect your organization against ransomware? Focus on: 

  • Backup and recovery: Implement robust backup and recovery strategies
  • Training: Conduct regular employee training on identifying and reporting suspicious activities
  • Endpoint security: Strengthen endpoint security with advanced threat detection capabilities
  • Patching: Keep systems and software up-to-date with the latest security patches

Takeaway 2: The Human Element in Data Breaches

What else plays a significant role in data breaches? Humans. The DBIR shares that the human element — errors like falling for phishing attacks or using weak passwords — was involved in 68% of breaches. Alarmingly, the report also found that the median time for users to fall for phishing emails is less than 60 seconds. 

What’s the best way to address this vulnerability? Prioritize training by regularly providing comprehensive cybersecurity awareness programs. Additionally, conduct regular phishing simulations to test and improve employee responses. And, of course, ensure you’re enforcing password policies and have multi-factor authentication (MFA) implemented across your systems.

Takeaway 3: Insider Threats Are Growing

The DBIR also highlights the increased number of insider threats, with internal actors involved in 35% of breaches, up from 20% in the previous year. Whether you’re dealing with an intentionally nefarious insider or a well-meaning employee inadvertently mishandling data, you must address the potential of both malicious and unintentional insider risks.

To mitigate insider threats:

  • Access controls: Implement strict access controls based on the principle of least privilege (PoLP)
  • Monitoring tools: Empower your security team to identify and stop a data breach; IBM reports that teams and their tools are responsible for detecting 42% of data breaches. Invest in monitoring tools that will help detect unusual data access or transfer patterns.
  • AI: Take advantage of AI and automated support services that can help enhance your security strategies. IBM found that organizations that invested in AI prevention technologies saved $2.22 million over organizations that didn’t invest in AI. 

Takeaway 4: Credential Theft Remains a Leading Attack Vector

Stolen user credentials — whether obtained through phishing, brute-force attacks, or even purchased from dark web marketplaces — often represent a gold mine for hackers. The DBIR reports that hackers used stolen credentials in 77% of breaches within the Basic Web Application Attacks pattern. A single compromised username and password combo can have a major impact — stolen credentials are often the starting point for much larger, more widespread data breaches and system compromises.

The IBM report found similarly worrisome numbers:

  • 70% of businesses suffer a significant or very significant disruption as the result of a data breach
  • Data breaches involving stolen credentials took an average of 292 days to be discovered
  • Confidential information was compromised in one-third of data breaches

To protect against credential theft, consider countermeasures like:

  • Password policies: Implement robust password policies that encourage the use of unique, complex passwords
  • Password management tools: Deploy password management tools to help employees manage multiple strong passwords
  • MFA: Enforce multi-factor authentication across all critical systems and applications
  • Monitor logins: Regularly monitor for and alert on suspicious login activities

Staying Ahead of the Curve

The latest reports from Verizon and IBM provide valuable insights into the current cybersecurity threat environment. By focusing on these key takeaways – being prepared for ransomware, mitigating human factors, managing insider threats, and protecting credentials – your organization can improve its security posture.

But that isn’t enough; as the reports reiterate, effective cybersecurity is an ongoing process that requires continual attention and improvement. Assess your current security measures against these findings to determine your strengths and weaknesses. Then, commit to staying up to date on the latest security trends and best practices. By staying vigilant and prioritizing cybersecurity, your organization can minimize the risk of data breaches.

Are you doing everything possible to secure your organization’s data and systems, or are you missing a potentially devastating attack vector? A comprehensive security audit from Xantrion can help identify your security blind spots. Get in touch to learn more. 
