Cybersecurity is a key concern for companies as well as countries and a recent Verizon Data Breach Investigations Report (DBIR) released last month analyses 5,199 confirmed data breaches and 16,312 security incidents which offer insights on how to keep the data safe.

The report describes an incident as a “security event that compromises the integrity, confidentiality or availability of an information asset” and a breach as “an incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party.”

The incidents that the Verizon Data Breach Investigations Report analyses took place between November 1, 2021, and October 31, 2022.

The report shows that 83% of the breaches were due to external actors while internal actors were responsible for 19% of the cybersecurity incidents. The report adds “Internal actors are not only responsible for intentional harm in these cases, but they are also just as likely to be responsible for Error actions.”

Financial motives were behind 94.6% of the incidents while espionage came a distant second.

Another highlight of the report is the relationship between cybersecurity and virtual currencies. The report says, “We saw a fourfold increase this year in the number of breaches involving cryptocurrency from last year. That is a far cry from the days of innocence in 2020 and earlier, when we got one or two cases maximum each year.”

russia cyberattacks
Source: Statista

Interestingly, the report did not find any major change in state-sponsored cyberattacks which might sound counterintuitive given the ongoing war in Ukraine.

Notably, according to Statista, between June 2021 and June 2022, over half of cyber-attacks by Russian state and state-affiliated groups targeted the US while the UK came second. Only 2% of cyberattacks targeted Ukraine.

Key Takeaways from Cybersecurity Report

The key takeaway from the report meanwhile is that “74% of all breaches include the human element with people being involved either via Error, Privilege Misuse, Use of stolen credentials or Social Engineering.”

The human element has historically been the biggest contributor to cybersecurity incidents. The report paints a sorry state of affairs of cybersecurity and noted that not enough is being done to even force attackers to “evolve their tactics because the old ones still work just fine.”

cybersecurity threats
Source: The Verizon Data Breach Investigations Report

The report says that people get involved in breaches through “Error, Privilege Misuse, Use of stolen credentials or Social Engineering.”

If we can plug these long-known vulnerabilities, it would help in a big way in boosting cybersecurity defense.

The report adds that “The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilities.” Credentials accounted for 49% of the total breaches and poor passwords have been “one of the leading causes of data breaches” for 15 years now.

MFA is a Good Defence Against Cyberattacks but Its Not Enough

The report says that one of the “best ways” we can plug this loophole is through the use of Multi-Factor Authentication (MFA).

Notably, CyberEdge’s 2022 annual Cyberthreat Defense Report (CDR) found that 43% of the surveyed companies were not using MFA which does not bode well for cybersecurity.

Source: Rublon/2022 CDR

Meanwhile, while MFA is a good defense against cyberattacks it’s clearly not enough and the Verizon DBIR report says, “In some cases, criminals used social engineering to convince users to accept the authentication attempts. In other instances, they stole the session cookie and used it to masquerade as the user.”

cybersecurity costs
Source: Statista

According to Statista, the total value of cybercrimes was only $0.86 trillion in 2018 but is expected to rise to $23.82 trillion by 2027.

Cybersecurity for Small Businesses

Cybersecurity is important not only for large businesses but also for small enterprises. The FTC lists a framework through which small businesses can prepare themselves against cyberattacks.

It calls upon businesses to require strong passwords, use MFA, limit login attempts, and encrypt portable media like laptops and thumb drives. The rules would hold good for businesses of all sizes.

The NIST Cybersecurity Framework lists five areas: Identify, Protect, Detect, Respond, and Recover. It also calls upon companies to create and share a cybersecurity policy that covers “roles and responsibilities for employees, vendors, and anyone else with access to sensitive data.”

All said, as the world economy continues to pivot to a digital future, cybersecurity would become increasingly important for individuals, companies, as well as countries.

Incidentally, cyberattacks made the food shortage situation of 2021 even worse as global meat giant JBS was hit with a cyberattack. With an increasing number of companies pivoting to AI, cybersecurity might also get even more attention than it has hitherto done.

What's the Best Crypto to Buy Now?

  • B2C Listed the Top Rated Cryptocurrencies for 2023
  • Get Early Access to Presales & Private Sales
  • KYC Verified & Audited, Public Teams
  • Most Voted for Tokens on CoinSniper
  • Upcoming Listings on Exchanges, NFT Drops