The 2012 Data Breach Investigations Report has just been released by Verizon. As with previous reports, the report aims to understand the underlying issues of major data breaches for the year. This year, the report has been supplemented with contributions from law enforcement agencies in order to increase the awareness of global cybercrime. To that end, this report also looks at breaches from 22 additional countries over the previous year.
The 2012 report looks at 855 confirmed security breaches that affected 174 compromised records in 36 countries around the world; the 8 years of reports now includes over one billion compromised records from 2500+ breaches.
Key highlights from the report:
One of the most significant pieces of data regards the ability of companies to detect breaches - with only 8% of breaches being internally discovered, companies are left unaware of the state of their data. It is very risky to rely on outside observation for the detection of data breaches.
As many of the highlights report, there has been a significant shift to targeted attacks specifically looking for personally identifiable information (PII). Companies need to step up their analysis of event logs and data monitoring and establish stronger security controls in order to defend against these breaches. For more, read the press release and report.