Verizon’s Show-Stopping DBIR 2021 Is A Must Read for Every Cyber Security Professional: Stunning Data Amidst a Surge of Attacks in 2020
By: Matthew Vulpis
Originally published on TechZone 360
Verizon recently released its annual Data Breach Investigations Report (DBIR), which provides valuable insight and analysis into the cybersecurity challenges faced by organizations. The report this year analyzed 29,207 security incidents, with data coming from 83 contributors and victims spanning 88 countries, 12 industries, and three world regions, which found a confirmed 5,258 breaches, a 33 percent increase in volume from last year’s report.
The 2020 DBIR found that ransomware continues to be a top cyber-attack, with a six percent increase in attack volume, while phishing cyber threats were also on the rise, with an 11 percent increase. Ransomware is a type of malicious software that restricts or limits users of a targeted organization from accessing their IT systems, while with phishing, attackers persuade and deceive employees in many ways to gain critical access, most commonly via email.
“Over the past years, phishing and ransomware have become the most rampant form of cybercrime and an exponentially increasing threat to organizations, said Orhan Yildirim, CTO of Ironsphere, a software and privileged access management company, when asked about cyber threats. “The two will often go together, with ransomware being the malware designed for the sole purpose of extorting money from victims, and phishing being the delivery mechanism in order to gain access to a user’s credentials.”
It’s not necessarily a surprise that cyber threats, in general, were on the rise this past year, as the global pandemic forced people to work from home, putting more people on the internet at once than ever before. However, breach data showed that 61 percent of breaches involved credential data, with 95 percent of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year, which can have a devastating effect on a company.
“Ransomware and phishing attacks can have an overwhelming impact on businesses of all sizes, with personal and corporate data, financial and healthcare records, network share files, and all other valuable content being able to be taken hostage by ransomware.,” said Yildirim. “The stories are proving that it can halt businesses, slow down productivity, and potentially set an entire organization up for failure.”
However, while attacks are on the rise, there are a variety of practices organizations should follow to bolster their defense against cyber attackers. Solutions such as Privileged Access Management (PAM) can help companies protect against the threats posed by credential theft and privilege misuse.
PAM refers to a comprehensive cybersecurity strategy comprising people, processes, and technology, to control, monitor, secure, and audit all human and non-human privileged identities and activities across an enterprise IT environment. PAM is grounded in the principle of least privilege, wherein users only receive the minimum levels of access required to perform their job functions.
“The principle of least privilege is widely considered to be a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets,” said Yildirim. “By enforcing the principle of least privilege, organizations can reduce the attack surface and mitigate the risk from malicious insiders or external cyber attacks that can lead to costly data breaches.”
Challenges that organizations face, such as managing account credentials, tracking privileged activity, monitoring and analyzing threats, and controlling privileged user access, can all be handled efficiently by a PAM solution. By prioritizing PAM programs as part of their larger cybersecurity strategy, companies can experience many organizational benefits, including mitigating security risks and reducing the overall digital attack surface, enhancing visibility and situational awareness across the enterprise, and improving regulatory compliance, all of which Yildirim states are essential as we continue to move toward a more digital future.
“As reliance on digital technologies continues to increase, cyber attacks have become increasingly sophisticated,” Yildirim explained. “Organizations that rely on outmoded cybersecurity strategies leave themselves vulnerable to threats, as organized criminal hackers, whose disruptive ambitions are only growing, search out the easiest organizations to target.”
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.