2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations...
Transcript of 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations...
![Page 1: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/1.jpg)
2016 Data Breach Investigations Report
2016 Data Breach Investigations ReportUnderstand what you’re up against.
Beltug X-changeMarch 29, 2017Fabrice WynantsManager Security Solutions BeNeLux & [email protected]
![Page 2: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/2.jpg)
2016 Data Breach Investigations Report
The DBIR
![Page 3: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/3.jpg)
2016 Data Breach Investigations Report
Data from
67contributors.
3
Ninth edition.
100Kincidents.
82countries.
2,260analyzed breaches.
Use the lessons learned from analyzing more than 2,000 confirmed data breaches.
• Data Breach Investigation Reports• Data Breach Digest Reports• Industry Oriented Reports
http://www.verizonenterprise.com/verizon-insights-lab/dbir/
2016 Data Breach Investigations Report
![Page 4: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/4.jpg)
2016 Data Breach Investigations Report
2016 DBIR Contributors
![Page 5: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/5.jpg)
2016 Data Breach Investigations Report
Some Breach Trends.
![Page 6: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/6.jpg)
2016 Data Breach Investigations Report
Threat Actors & Motives
89% of breaches had a financial or espionage motive
The actors in the breaches were predominantly external.
![Page 7: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/7.jpg)
2016 Data Breach Investigations Report
Threat Actions – Hacking, Malware & Social on the rise
![Page 8: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/8.jpg)
2016 Data Breach Investigations Report
88
Threat Actions – Don’t Forget the Human Errors
Human Error is involved in 37% of the Breaches
![Page 9: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/9.jpg)
2016 Data Breach Investigations Report
9
The Detection Deficit
Percent of breaches where time to compromise (green) and time to discovery (blue) as days or less
+ Less than 10% of breaches are discovered by internal means
Detection GAP
![Page 10: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/10.jpg)
2016 Data Breach Investigations Report
Birth of a Data Breach
![Page 11: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/11.jpg)
2016 Data Breach Investigations Report
11
Many incidents share the same threat actions in the early stages of the attack.
Three-pronged attacks highly familiar, repeatable, used frequently
Birth and rebirth of a data breach
![Page 12: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/12.jpg)
2016 Data Breach Investigations Report
12
View from our Sr. Data Analyst
Understanding the Opening Moves is Key.
Focus & block on the Intersections : Phishing, Malware & Credentials .
What happens next is determined by the attacker’s end game.
![Page 13: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/13.jpg)
13
41% of breaches involved phishing
30% recipients opened phishing messages
13% clicked on attachments
3:45 median time to first click
Number of phishing emails opened and clicked in first 24 hours and percent of opened emails that were clicked
Phishing
![Page 14: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/14.jpg)
2016 Data Breach Investigations Report
14
Malware and Crimeware
68% of breaches involved malware
Mainly introduced through Email as executables
![Page 15: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/15.jpg)
15
63% of confirmed data breaches involved leveraging a weak, default or stolen password (credential theft or use).
Credentials
Top threat action varieties within incidents
![Page 16: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/16.jpg)
2016 Data Breach Investigations Report
What can you do?
![Page 17: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/17.jpg)
2016 Data Breach Investigations Report
86% of security incidents fit into just nine incident classification patterns.
17
![Page 18: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/18.jpg)
2016 Data Breach Investigations Report
Over 90% of breaches fit into just nine incident classification patterns.
18
![Page 19: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/19.jpg)
2016 Data Breach Investigations Report
Patterns by Industry
![Page 20: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/20.jpg)
2016 Data Breach Investigations Report
Some Recommendations
Tailor your mitigations.
Make people your first line of defense.
Only keep data on a “need to know” basis.
Focus around Phishing, Malware and Credentials.
Patch promptly.
Use two-factor authentication where possible.
Ensure proper Detection & Response
![Page 21: 2016 Data Breach Investigations Report - Verizon Enterprise · 2016 Data Breach Investigations Report Data from 67 contributors. 3 Ninth edition. 100K incidents. 82 countries. 2,260](https://reader033.fdocuments.us/reader033/viewer/2022052923/5f03c6f47e708231d40ab7f5/html5/thumbnails/21.jpg)
2016 Data Breach Investigations Report
Verizon Data Breach
Investigations Report.
http://www.verizonenterprise.com/verizon-insights-lab/dbir/
21