Verizon's Show-Stopping DBIR 2021 Is A Must Read for Every Cyber Security Professional: Stunning Data Amidst a Surge of Attacks in 2020

By Matthew Vulpis May 25, 2021

Verizon recently released its annual Data Breach Investigations Report (DBIR), which provides valuable insight and analysis into the cybersecurity challenges faced by organizations. The report this year analyzed 29,207 security incidents, with data coming from 83 contributors and victims spanning 88 countries, 12 industries, and three world regions, which found a confirmed 5,258 breaches, a 33 percent increase in volume from last year’s report.

The 2020 DBIR found that ransomware continues to be a top cyber-attack, with a six percent increase in attack volume, while phishing cyber threats were also on the rise, with an 11 percent increase. Ransomware is a type of malicious software that restricts or limits users of a targeted organization from accessing their IT systems, while with phishing, attackers persuade and deceive employees in many ways to gain critical access, most commonly via email.

“Over the past years, phishing and ransomware have become the most rampant form of cybercrime and an exponentially increasing threat to organizations, said Orhan Yildirim, CTO of Ironsphere, a software and privileged access management company, when asked about cyber threats. “The two will often go together, with ransomware being the malware designed for the sole purpose of extorting money from victims, and phishing being the delivery mechanism in order to gain access to a user’s credentials.”

It’s not necessarily a surprise that cyber threats, in general, were on the rise this past year, as the global pandemic forced people to work from home, putting more people on the internet at once than ever before. However, breach data showed that 61 percent of breaches involved credential data, with 95 percent of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year, which can have a devastating effect on a company.

“Ransomware and phishing attacks can have an overwhelming impact on businesses of all sizes, with personal and corporate data, financial and healthcare records, network share files, and all other valuable content being able to be taken hostage by ransomware.,” said Yildirim. “The stories are proving that it can halt businesses, slow down productivity, and potentially set an entire organization up for failure.”

However, while attacks are on the rise, there are a variety of practices organizations should follow to bolster their defense against cyber attackers. Solutions such as Privileged Access Management (PAM) can help companies protect against the threats posed by credential theft and privilege misuse.

PAM refers to a comprehensive cybersecurity strategy comprising people, processes, and technology, to control, monitor, secure, and audit all human and non-human privileged identities and activities across an enterprise IT environment. PAM is grounded in the principle of least privilege, wherein users only receive the minimum levels of access required to perform their job functions.

“The principle of least privilege is widely considered to be a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets,” said Yildirim. “By enforcing the principle of least privilege, organizations can reduce the attack surface and mitigate the risk from malicious insiders or external cyber attacks that can lead to costly data breaches.”

Challenges that organizations face, such as managing account credentials, tracking privileged activity, monitoring and analyzing threats, and controlling privileged user access, can all be handled efficiently by a PAM solution. By prioritizing PAM programs as part of their larger cybersecurity strategy, companies can experience many organizational benefits, including mitigating security risks and reducing the overall digital attack surface, enhancing visibility and situational awareness across the enterprise, and improving regulatory compliance, all of which Yildirim states are essential as we continue to move toward a more digital future.

“As reliance on digital technologies continues to increase, cyber attacks have become increasingly sophisticated,” Yildirim explained. “Organizations that rely on outmoded cybersecurity strategies leave themselves vulnerable to threats, as organized criminal hackers, whose disruptive ambitions are only growing, search out the easiest organizations to target.”

Edited by Luke Bellos
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Content Contributor

Related Articles

$100M Towards Innovative Capital Options: AppDirect Secures New Funding from CDPQ

By: Alex Passett    1/9/2024

New funding from CDPQ provides AppDirect with the power to help technology providers and advisors in transforming and scaling their businesses while m…

Read More

NextPlane's Affordable Microsoft Teams PSTN Calling Solution for UCaaS and Service Providers

By: TMCnet Staff    5/23/2023

NextPlane's Affordable Microsoft Teams PSTN Calling Solution for UCaaS and Service Providers

Read More

Snapchat Announces its New ChatGPT-Powered 'My AI' Chatbot

By: Alex Passett    2/27/2023

The popular app Snapchat is now offering a new friend, of sorts: My AI. Powered by ChatGPT, the bot is already integrated for select users to experime…

Read More

Black-owned Businesses See Vision Become Reality with Dialpad, and Sacramento King's Davion Mitchell

By: Greg Tavarez    2/24/2023

Dialpad is further expanding its Tech for Black Founders program and partnership with Sacramento Kings' point guard Davion Mitchell to promote Black-o…

Read More

IDEA Showcase 2023 at ITEXPO Gives Startups Opportunity for Exposure

By: Greg Tavarez    2/16/2023

IDEA Showcase 2023 at ITEXPO in Ft. Lauderdale, Florida, gave entrepreneurs a chance to present pitches to a panel of judges.

Read More