9 Ways Organizations Sabotage Their Own Security: Lessons from the Verizon DBIR
Mistakes and missteps plague enterprise security. The Verizon 2017 Data Breach Investigations Report (DBIR) offers nuggets on what organizations must stop doing – now.
Datasets from the recent Verizon 2017 Data Breach Investigations Report (DBIR) show that some security teams still may be operating under false assumptions regarding what it takes to keep their organizations secure.
For starters, the same security standards don't apply across all vertical industries, says Suzanne Widup, a senior consultant for the Verizon RISK Team and co-author of the Verizon DBIR.
"It's not a one-size-fits-all situation," she says. "Look at what you have that will be stolen, how someone might steal it, and how to protect it."
The DBIR delves into what organizations are doing wrong from a security standpoint, industry by industry, as well as the ways companies may be sabotaging their own security posture.
Among other things, organizations need to stop relying on usernames/email addresses and passwords, the report says, given that they are "rolling the dice" with reused passwords from other breaches. The DBIR shows that stolen or weak passwords contributed to 81% of all hacking-related breaches.
Here are other lessons learned from the DBIR data. In other words, beware of making these same mistakes in security.