Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Mistakes and missteps plague enterprise security. The Verizon 2017 Data Breach Investigations Report (DBIR) offers nuggets on what organizations must stop doing – now.
May 23, 2017
Datasets from the recent Verizon 2017 Data Breach Investigations Report (DBIR) show that some security teams still may be operating under false assumptions regarding what it takes to keep their organizations secure.
For starters, the same security standards don't apply across all vertical industries, says Suzanne Widup, a senior consultant for the Verizon RISK Team and co-author of the Verizon DBIR.
"It's not a one-size fits all situation," she says. "Look at what you have that will be stolen, how someone might steal it, and how to protect it."
The DBIR delves into what organizations are doing wrong from a security standpoint industry by industry as well as ways companies may be sabotaging their own security posture.
Among other things, organizations need to stop relying on user names/email address and passwords, the report says, given they are "rolling the dice" with reused passwords from other breaches. The DBIR shows that stolen or weak passwords contributed to 81% of all hacking–related breaches.
Here are other lessons learned from the DBIR data: in other words, beware of making these same mistakes in security.
About the Author(s)
Former Associate Editor, Dark Reading
Dawn Kawamoto is a former Associate Editor for Dark Reading, where she covered cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's News.com, TheStreet.com, AOL's DailyFinance, and The Motley Fool. More recently, she served as associate editor for technology careers site Dice.com.
You May Also Like
A screen displaying many different types of charts and graphs to show what data is being analyzed.Cybersecurity Analytics