Verizon’s new ‘2014 Data Breach Investigations Report’ has found that over 90% of all cyberattacks over the last ten years fell into one of only nine patterns, varying by industry.  Currently in its seventh year, the report covers tens of thousands of incidents and for the first time now also includes cyberattacks that didn’t result in breaches to give a more complete picture.

According to Wade Baker, the main author behind the ‘Data Breach Investigations Report’ series:  “After analysing 10 years of data, we realise most organisations cannot keep up with cybercrime – and the bad guys are winning. … But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically.”

The findings will make fighting cyberthreats more targeted, though still a daunting task since organisations may not even realise they have been compromised.  The nine patters named by the DBIR are:    “miscellaneous errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.”

Additionally, the report noted that while 92% of attacks well into these nine categories, hackers were even less versatile, using just three patterns for over 70% of any security breaches on average, per industry branch.  Using the power of big data, these trends are finally emerging and the defences against cyberattacks can be more properly and strategically shored up.

Read more here

(Image Credit:  Linus Bohman)