Verizon DBIR and 3 Ways to Reduce Cyber Risk
With the rise of ransomware and an endless stream of patches in 2021, it takes reliable best practices to reduce your cyber risk exposure.
Report Reveals the Rise of Ransomware and Importance of the Human Element
The Verizon Data Breach Investigations Report is eagerly awaited each year. It provides a window into the world of global trends in security. This year’s analysis looked into 79,635 incidents around the world, of which 5,258 were confirmed data breaches.
Social engineering (primarily phishing) came up as the top avenue of incursion used in breaches. More than 30% of incidents stemmed from it, while web application attacks accounted for around 25% and system intrusions scored almost 20%.
Not surprisingly 85% of breaches included a human element with 61% involving credentials, and 13% containing ransomware. About 10% of the ransomware attacks cost organizations an average of about $1 million – whether from forking over the cash, remediation, or lost revenue.
Ransomware = Organized Crime
Organized crime is now behind four out of five breaches. In other words, the days of the lone hacker-genius-student sitting in an attic breaking into big government systems are behind us. These days, criminals are most often involved and their goal is money – as much as possible per breach. Yes, there is a little espionage going on, and perhaps a few lone wolves showing off their hacking prowess. But by and large, we are now dealing squarely with cybercriminals motivated by money and extortion.
The Verizon report emphasizes how hackers now use automation to quickly zero in on ripe areas.
“It’s important to limit your public facing attack surface, through asset management, defensive boundaries and intelligent patching.”
Another important finding is that it is not new vulnerabilities that cause the most trouble. It is old, unmitigated holes and vulnerabilities that are the most exploited.
“One might think that more recent vulnerabilities would be more common. However, as we saw last year, it is actually the older vulnerabilities that are leading the way. These older vulnerabilities are what the attackers continue to exploit. “
They give the example of the Microsoft Exchange Remote Code Execution Vulnerability (CVE-2021- 26855) that is being actively and massively exploited. Despite Microsoft issuing warning after warning, patches being in existence for months, and a barrage of news stories about this problem, organizations continue to be attacked due to not fixing this issue.
That’s why Verizon analysts condemn the ability of IT teams to keep up with the deployment of patches.
“The patching performance this year in organizations has not been stellar. Granted, it’s never been great.”
How to Greatly Reduce Cyber Risk
Those wishing to greatly reduce cyber risk, therefore, are advised to institute three practices.
Institute security awareness training to educate users into the many tricks and strategies of social engineering. Use this training to proof them up against phishing and other scams.
Eliminate internal procedures that slow the deployment of patches. Instead of relying on someone in IT to review, test, and determine when and if a patch should be deployed, add automation to the process.
Conduct regular vulnerability scans to detect systems, apps, and devices that offer a potential pathway into the enterprise.
How Tuearis Can Help
Tuearis provides help and guidance for all 3 of the practices above. We combine automated patch management with vulnerability scanning, as well as next-gen endpoint security and network security monitoring, with user training as a way to eliminate risk and plug the holes cybercriminals are using to institute ransomware and other forms of attack.
If it's time to mature your organization's cyber program, it's time for Tuearis. Let us help you REST SECURED.