The Verizon 2015 DBIR just released today, and as someone said. It is “the best” DBIR ever. The report provides a number of important findings and new data analysis especially around the cost of data breaches. The report contains analysis of 2122 confirmed data breaches and 79790 security incidents. It is available for download from http://www.verizonenterprise.com/DBIR/
So what is new? Here is a summary:
- There were 70 partners contributing to this data set. Compared to last year when 50 partners contributed to DBIR 2014, this is 40% increase.
- Like 2014 DBIR, a vast majority of security incidents (96%) still fall into nine major categories.
- There is a significant hype about mobile threats. However, the data shows that mobile threats are not playing a significant role in real data breaches yet.
- Verizon created a new model for estimating cost of data breaches, which comes out to be 58 cents per stolen record.
- Verizon analyzes top three threats for different industry segments.
- The “detection deficit” is still playing a huge role in data breaches. This means the attackers are getting smarter but defenders are not making much progress.
- Phishing is playing a big role. People open about 23% of phishing emails and about half of them open attachments.
This year’s data breach is better than ever with more contributors to the data set and new recommendations from Verizon to detect breaches early, minimize the damage, and better respond to security incidents. This is a “must read” for information security professionals.