Cisilion’s review of Verizon Data Breach report 2023

Cisilion’s review of Verizon Data Breach report 2023

In the rapidly involving landscape of cybersecurity, staying ahead has never been more critical. The Verizon Data Breach report 2023 highlights on-going and increasing risks that organisations need to be aware of and what organisations should be doing to better protect themselves.

We have highlighted some key findings from the report and how Cisilion can help you:

Data security challenges:

Despite an increase in sophisticated attacks, human error is still the root cause of most data breaches – with more sophisticated phishing attacks and spear phishing attacks (specific user targeted attacks) all aimed at getting access to corporate data.  Lost and stolen devices represent a major risk, especially with the increase in no-protected BYOD devices such as smart phones and laptops that are not protected by application or data loss policies and those with no device encryption or complex pass codes enabled.

Top attack vectors:

Stolen credentials, phishing, and vulnerability exploitation are the most common ways for cybercriminals to gain initial access to systems and data. As the report details, awareness, simulated attacks, user education and training remain poor in general.

Social engineering trends:

Alarming stats reveal that social engineering attacks, especially pretexting, are on the rise and can result in significant financial losses for organisations.

Social Engineering attacks are often very effective and extremely lucrative for cybercriminals. Perhaps this is why Business Email Compromise (BEC) attacks (which are in essence pretexting attacks) have almost doubled across our entire incident dataset, as can be seen in Figure 5, and now represent more than 50% of incidents within the Social Engineering pattern”. (Verizon Data Breach Report, 2023, pg 8.)

 

 

Human error types:

Misdelivery, publishing errors, misconfigurations, lost and stolen devices, and privilege misuse (too may admins and elevated rights) are some of the biggest human behaviour issues that contribute to the biggest data breaches. Interestingly, most of these errors were made by more technical staff, such as system admins, support teams and developers, that should have stringent security measures in place and a better understanding of the importance of security/governance controls than general users.

Concerningly, the report states that while most of reported incidents involve external threat actors (attackers), a staggering 19% of incidents were caused by internal actors, either through misuse (intentional or unintentional) or simple human error – sharing where they shouldn’t or accidental leakage!

People-proof security:

The report points out that organisations still need to do more to adopt a true Zero Trust approach to security. Organisations need to simplify yet strengthen security with multi-layered protection from endpoint to data centre and into third party apps, services, supply chain and network.

Work is needed to improve awareness through better training, tighter controls and policies, regular reviews of security controls reducing human error and improving the security culture. One key thing cited is that not enough training or simulated phishing tests/attacks are performed within organisations and those that do, need to follow-up better and support staff in being more cyber-threat aware.

 

What can you do and how can Cisilion help?

Most of this is part of any business data security strategy, however, as highlighted many businesses need to regularly review their controls and make sure they have advanced procedures in place such as; privileged access management, context aware, next-generations firewalls, anti-phishing protection (not just on email),  endpoint extended detection and response tools (XDR), and risk based conditional access policies rather than just a blanket multi-factor authentication for everyone.

IT should have the ability to remote wipe device and ensure that Data Loss Prevention polices extend to cloud apps, personal devices, and corporate owned devices.

We are Microsoft Cloud Security partner and Cisco Gold Partner; we can help you assess the base level of security with our environment review which looks at more than 190 different security controls across your environment and provide a simple, yet comprehensive analysis and recommendations to increase your security posture.

Take a look at our Microsoft 365 Security Assessment today and get in touch!