The 15 year old tradition is still standing strong with this week’s DBIR Annual Report. In the latest data breach report, Verizon highlighted their analysis of over 5,212 breaches and 23,896 security incidents to find the most common trends used by fraudsters. The 4 most commonly used methods include enterprise estates, credentials, phishing, and exploiting vulnerabilities.
In the report, it was stated that the hackers prefer to exploit the human element (errors, misuse, and social engineering). By combining these elements and the entry points above, hackers find access to organizations and begin stealing data. As a matter of fact, Verizon Data breach report states that 82% of all breaches this year were because of the human element. Human elements can be anything, including errors, misuse, and social engineering.
Other factors were also included in the high number of data breaches, including:
- 45% were related to credential resume
- 25% of breaches were due to social engineering
- 50% were related to remote access and web apps
Verizon’s 2022 Data Breach Report – Takeaway
The core of this year’s data breach report was that the weakest link out of all are humans. The reason for that is simple, it’s because users continue to click on malicious links, and they continue to lose or hand out their credentials. Users all over the world are making the same kind of mistakes that hackers love to exploit. This is what provides hackers the back passage to sensitive systems of a business. While humans are making mistakes, it’s not a surprise as humans are bound to make mistakes. If these reports are scaring you, then worry not, it’s not all bad news, because you can always find ways around this problem.
While eliminating the human element from this equation sounds challenging for businesses, there are other options as well. Verizon recommends the usual approach can reduce usual approach to reduce some challenges, such as two-factor authentication and/or implementing password managers for users, all In an effort to avoid the impact credentials introduce.
Using this approach, you can reduce the likelihood of attackers being able to exploit poor passwords to gain access to applications, systems, and data. These capabilities have been available online for use, but the number of data breaches is increasing every single year.
Let’s focus on credentials for a moment. Why? If you do a quick search for credentials in the report, it appears over 86 times. With that in mind, the report suggests, “unfortunately, if you can access the asset directly over the internet by just entering credentials, so can the criminals.” If we can improve on authenticating users without the use of usernames and passwords, then organizations can reduce the risk of data breaches.
With smarter customer onboarding practices, organizations can save time, money, and effort. DIRO offers a range of verification solutions that can be used for: