We have two new reports to review and discuss today:
Here are a few highlights from the Verizon report:
- 69% of the breaches were perpetrated by outsiders. To that you need to add 2% by partners and 5% by multiple partners. 34% involved internal actors.
- 43% of the breaches involved small business victims, while 16% were of public sector entities, 15% in Healthcare, and 10% of financial industry organizations.
- 23% involved nation-state or affiliated actors.
- Only 71% were financially motivated while 25% were espionage.
- 56% took months to discover.
Ponemon told us:
- Information theft is the most expensive and fastest rising consequence of cybercrime—but data is not the only target. Core systems, such as industrial control systems, are being hacked in a powerful move to disrupt and destroy.
- Cybercriminals are adapting their attack methods. They are using the human layer—the weakest link—as a path to attacks, through increased phishing and malicious insiders. Other techniques, such as those employed by nation-state attacks to target commercial businesses, are changing the nature of recovery, with insurance companies trying to classify cyberattacks as an “act of war” issue.
- Cyberattackers have slowly shifted their attack patterns to exploit third- and fourth-party supply chain partner environments to gain…