Dive Brief:
- More than half of breaches are caused by a form of hacking, according to Verizon's annual data breach investigations report based on nearly 41,700 security incidents, including 2,013 confirmed data breaches.
- The majority of attacks, 69%, are perpetrated by outsiders, though 34% of attacks are carried out by internal actors. Phishing schemes, followed by stolen credentials and backdoor techniques were the top threats involved in breaches.
- Abuse of privileges was the No. 1 misuse, followed by mishandling data, unapproved workarounds and knowledge abuse. Financial motives are the most common, though stealing information for "illegal advantages" outside of a company also occurs.
Dive Insight:
Hackers have all the time in the world to figure out a system. Companies, on the other hand, "have a four-year project just to replace the servers on end-of-life operating systems," according to Verizon.
The juxtaposition of priorities can make security teams feel like they're always a step behind bad actors — which they are. Hackers look for the easiest place to start, which is usually cloud-based email servers or social media.
C-suite officials are top targets for hackers looking for credentials and once obtained, they can wreak havoc on a internal corporate systems.
The Office of Personnel Management's 2015 breach and Equifax's 2017 breach surprised a lot of people, said David Hogue, senior technical director for the NSA Cybersecurity Threat Operations Center, at a FedScoop event in Arlington, Virginia last month.
He argued that it's not realistic to expect organizations that aren't inherently tech companies to protect themselves from nation state adversaries or advanced hackers. When at security and tech conferences, Hogue is surrounded by Microsoft and Amazon. "We're not next to the Equifax booth."
Companies like Equifax have to rely on the expertise of tech and security firms while also "rally[ing] behind like-minded interests," said Hogue. There is a "splintering" in security between major enterprises that can afford the best cybersecurity solutions and their partners, like a business that makes seatbelts in Alabama, he said.
Less than one-third of small- to medium-sized businesses believe protection measures are highly effective, which could leave their whole partnership ecosystem vulnerable.
Major competitors are willing to share security-related information for the sake of the industry's safety as a whole. Walmart and Target "will kill each other for that last cent on a product," said Hogue, but they talk about cyber every day because an event can take down the whole industry.
Sharing information in real time is one way companies across industries and sectors proactively protect everyone. "Threat intelligence is actionable," said Hogue, leaving IT to fill the gaps.