You are here

Home

The Always Anonymized and Aggregated, Verizon’s 2022 Data Breach Investigations Report (2022 DBIR)

The Always Anonymized and Aggregated, Verizon’s 2022 Data Breach Investigations Report (2022 DBIR)

Created: Thursday, May 26, 2022 - 14:12
Categories:
Cybersecurity, Security Preparedness

The Verizon Data Breach Investigations Report, affectionately known as the “DBIR,” in its 15th annual publication, was released this week. Many of its crunched numbers and astute observations (based on empirical evidence) mirror common findings highlighted in other recently published authoritative reports from CISA and its international cybersecurity partners.

The observations in the Verizon 2022 Data Breach Investigations Report (2022 DBIR) demonstrate how the past year has been memorable and murky in the world of cybercrime. “From very well publicized critical infrastructure attacks to massive supply chain breaches, the financially motivated criminals and nefarious nation-state actors have rarely, if ever, come out swinging the way they did over the last 12 months.” Therefore, after anonymizing, aggregating, and analyzing of over 914,547 incidents, 234,638 breaches and 8.9 TBs of cybersecurity data, some of the high-level findings include:

  • There are four key paths leading to compromise: Credentials, Phishing, Exploiting vulnerabilities and Botnets. These four pervade all areas of the DBIR, and no organization is safe without a plan to handle them all.
  • This year Ransomware has continued its upward trend with an almost 13% increase–a rise as big as the last five years combined (for a total of 25% this year). Blocking the four key paths mentioned above helps to block the most common routes Ransomware uses to invade your network.
  • 2021 illustrated how one key supply chain breach can lead to wide ranging consequences. Supply chain was responsible for 62% of System Intrusion incidents this year. Unlike a Financially motivated actor, Nation-state threat actors may skip the breach and keep the access.
  • The human element continues to drive breaches. This year 82% of breaches involved the human element. Whether it is the Use of stolen credentials, Phishing, Misuse, or simply an Error, people continue to play a very large role in incidents and breaches alike.

Access the 2022 DBIR and related resources, including the executive summary at Verizon. Or, if you’re looking for a more condensed summary, you may enjoy The Record’s review, Verizon DBIR: If it’s not about cash, it’s about spying.