Data breaches now more sophisticated says Verizon
The annual Verizon security report says that data breaches are becoming more sophisticated while the attack vector widens
The annual authoritative Verizon Data Breach Digest 2017 finds that data breaches are becoming more sophisticated, no longer confined to just the IT department and are now affecting every function within an organisation.
As was the case in the Verizon 2016 Data Breach Investigations Report (DBIR), the human element is again to the fore this year.
"Data breaches are growing in complexity and sophistication," said Bryan Sartin, executive director, the RISK Team, Verizon Enterprise Solutions. "In working with victim organisations, we find that breaches touch every part of an organisation up to and including its board of directors. Companies need to be prepared to handle data breaches before they happen so they can recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price."
For wholesale carriers, the report is an important pointer to the types of security breaches which can harm their networks, where the biggest breaches are likely to occur and how to mitigate them.
The report once again confirms that there is a finite set of scenarios that occur with data breaches but many permutations occur within each, leading to an extensive range of damage that can be observed in the aftermath of a data breach. Breaches in the Digest are defined by type of breach, industry, one of nine DBIR incident patterns, and by stakeholder involvement.
This year's report points to five actions an organisation should take in the aftermath of a breach:
Preserve evidence; consider consequences of every action taken
Be flexible; adapt to evolving situations
Establish consistent methods for communication
Know your limitations; collaborate with other key stakeholders
Document actions and findings; be prepared to explain them.
To access the full digest, visit: http://verizonenterprise.com/databreachdigest