Data breaches are becoming more complex and are no longer confined to the IT department; they now affect every department within an organization. Each breach leaves a lingering, if not lasting, imprint on an enterprise, according to the 2017 Data Breach Digest from Verizon.
"Data breaches are growing in complexity and sophistication," said Bryan Sartin, executive director, the RISK Team, Verizon Enterprise Solutions. "In working with victim organizations, we find that breaches touch every part of an organization up to and including its board of directors. Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price."
The report once again confirms that a finite set of scenarios occurs with data breaches, but many permutations occur within each, leading to an expansive range of damage that can be observed in the aftermath of a data breach. Breaches in the Digest are defined by type of breach, industry, one of nine DBIR incident patterns, and by stakeholder involvement.
This year's 16 data breach scenarios are also classified according to their prevalence and lethality in the field. Ten of the cases represent more than 60 percent of the 1,400 cases investigated by Verizon's Research, Investigations, Solutions and Knowledge Team over the past three years, while the other six are less common but considered lethal or highly damaging to an organization.
The report groups the 16 scenarios into four different types of breaches and gives each a personality, including:
- The human element
  - Partner misuse – The Indignant Mole
  - Disgruntled employee – The Absolute Zero
- Conduit devices
  - Mobile assault – The Secret Squirrel
  - IoT calamity – The Panda Monium
- Configuration exploitation
  - Cloud storming – The Acumulus Datum
  - DDoS attack – The 12000 Monkeyz
- Malicious software
  - Crypto Malware – The Fetid Cheez
  - Unknown unknowns – The Polar Vortex
This year's report points to five actions an organization should take in the aftermath of a breach:
- Preserve evidence; consider consequences of every action taken
- Be flexible; adapt to evolving situations
- Establish consistent methods for communication
- Know your limitations; collaborate with other key stakeholders
- Document actions and findings; be prepared to explain them
Read more: http://verizonenterprise.com/databreachdigest