[ISN] No ‘One Size Fits All’ In Data Breaches, New Verizon Report Finds

http://www.darkreading.com/attacks-breaches/no-one-size-fits-all-in-data-breaches-ne/240153379 By Kelly Jackson Higgins Dark Reading April 22, 2013 If there’s one big theme of the just-released Verizon Data Breach Investigations Report (DBIR), it’s demographics: all sizes of organizations are getting hacked, and different industries are getting hit for different reasons and with different attack methods. “We shouldn’t have a one-size fits all approach,” Jay Jacobs, senior analyst for the Verizon RISK Team, says is one of the biggest takeaways from this year’s report, which was the biggest one yet in terms of data and sources. “There’s a big difference between [attacks hitting] a retailer and financial institutions versus manufacturers or consultants.” The report, which draws from 621 confirmed data breaches and 47,000 reported security incidents and 44 million compromised records worldwide in 2012 from Verizon as well as the US Computer Emergency Response Team and other national CERTs, the U.S. Secret Service, and law enforcement agencies in Europe, shows that 75 percent of all breaches last year were the result of financially motivated cyberattacks, and 20 percent, cyberespionage for stealing intellectual property or other information for competitive purposes. Hacktivism remained steady, but with more distributed denial-of-service (DDoS) attacks than “doxing” or other forms or data theft. Outsiders again reigned as the top attackers, making up 92 percent of the attackers that hit organizations last year. Next were state-sponsored attackers—the majority from China—with 19 percent of the attacks, and 14 percent were executed by insiders. Financial firms were hit the most, with 37 percent of last year’s breaches, followed by retailers and restaurants, 24 percent; manufacturing, transportation, utilities, 20 percent; and information services and professional services, 20 percent. […] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org