Verizon’s 2019 Data Breach Investigations Report (DBIR) is probably this year’s second-most anticipated report after the one from Robert Mueller. In its 12th edition, it contains details on more than 2,000 confirmed data breaches in 2018, taken from more than 70 different reporting sources and analyzing more than 40,000 separate security incidents.
What sets the DBIR apart is that it combines breach data from multiple sources using the common industry collection called VERIS – a third-party repository where threat data is uploaded and made anonymous. This gives it a solid authoritative voice, and one reason why it’s frequently quoted.
I describe six megatrends from the report, including:
- The C-suite has become the weakest link in enterprise security.
- The rise of the nation state actors.
- Careless cloud users continue to thwart even the best laid security plans.
- Whether insider or outsider threats are more important.
- The rate of ransomware attacks isn’t clear.
- Hackers are still living inside our networks for a lot longer than we’d like.
I’ve broken these trends into two distinct groups — the first three are where there is general agreement between the DBIR and other sources, and last ones . are where this agreement isn’t as apparent. Read the report to determine what applies to your specific situation. In the meantime, here is my analysis for HPE’s Enterprise.nxt blog.