IT | Security

The 2014 DBIR Identifies Key Patterns in Breach Incidents

By: Absolute Editorial Team | 5/19/2014

The 2014 Data Breach Investigations Report was just released by Verizon, using statistical clustering to create for the first time a series of 9 patterns in security incidents that together describe 92% of the confirmed data breaches over the past 10 years. One of those top 9 patterns? Theft or loss of assets.

The report looks at 63,000 security incidents and 1,367 confirmed data breaches. Using the nine pattern classifications, a great deal of valuable information was gleaned from the data. It turns out, about 72% of incidents in any industry can be described by just 3 of the 9 patterns, though which 3 patterns varies per industry.

The report breaks down each of the 9 patterns and maps them out to threat actors, types of organizations targeted and security controls that could help. This new system can help you to understand what specific attacks are most likely and how to respond. The report can help you look at questions such as what employee errors could be leading to incidents and what threats are on the rise and what can we do about the threats that affect us most?

Highlights related to data security and endpoint issues include:

  • 46% of security breach incidents in healthcare were the result of lost or stolen assets, mostly from offices (not homes or cars). This was more than double the rate of theft or loss than in any other vertical.
  • 19% of security incidents in the public sector were the result of lost or stolen assets (after errors, insider misuse, crime ware)
  • 43% of theft or loss incidents happened at work
  • 14% of total security incidents were the result of physical theft and loss of devices, though only 1% of the confirmed data breaches (indicating loss, not theft, was more common and that recovery was possible)

The DBIR report outlined that organizations are still struggling with their endpoint security, with many not even rolling out encryption. Thankfully, Absolute Computrace and Absolute Manage offer leading solutions to secure and manage all endpoint devices. For organizations like those in healthcare, who suffer the heaviest losses of devices, the ability to secure endpoints and prove compliance is of the utmost importance.

Absolute Software is proud to work with Verizon as a Technology Alliance Partner. Together, we provide simplified business processes to customers who use Absolute solutions and Verizon wireless, allowing customers to save administrative time and resources.