Each year Verizon’s security team and BI analysts produce a yearly Data Breach Investigations Report (The DBIR) which provides analysis on over 53,000 security incidents and 2,216 confirmed data breaches.
It’s an exceptional breakdown of current and emerging cyber threats accompanied with an executive summary on how they impact various industries.
The ‘things to think about’ summary’s for each industry are a great reminder while companies are subject to highly sophisticated technical attacks a significant volume of incidents and breaches occur by attackers exploiting low hanging fruit exposed by misconfiguration of systems, misuse or poor handling of customer data and failures to apply the security controls and hygiene mandated by relevant compliance frameworks and best practises.
I strongly suggest you have a read and share with your engineering, ops and executives inside your company or organisation and encourage discussion on the findings and how the relate to your security roadmap and posture.
You can download the full report here. A huge thank you and well done to the Verizon team and all the contributors this is a very helpful resource for the security community.