Every year Verizon takes a thorough look at the global breach landscape in the company’s annual Data Breach Investigations Report. This year’s report offers a wealth of information on the threats, vulnerabilities and actions that plagued businesses in 2014. The report is long, but interesting and worth a read. To make it easier for you, we pulled what we feel are some of the most interesting findings below:
Compromised credentials remain the largest threat in 2014.
If this graph doesn’t encourage you to pick a good password, we don’t know what will. Credentials are like keys to your business. Passwords should never be reused and two-factor authentication should be used whenever possible.
Humans are the weakest link.
This year’s survey found that 23 percent of phishing email recipients open phishing messages and 11 percent click on attachments. When you consider that one employee clicking on the wrong link can compromise your entire business’ system, this is an alarming statistic. Verizon also conducted a test to see how quickly phishing links are clicked on. They found that nearly 50 percent of victims opened emails and clicked on phishing links within the first hour. Teaching employees about security best practices and how to identify suspicious links has never been more important.
According to the Verizon report, mobile malware is not a big deal… but it really is.
They found that only .03 percent of the tens of millions of mobile devices they looked at were infected with malicious malware. We don’t agree with this finding. Mobile malware is a huge problem. Over a 12-month period Kaspersky Lab found more than 3.4 million malware detections on devices of 1 billion users. As mentioned above, employees are the weakest link. All it takes is one employee downloading a malware-infected app on his or her phone to put a business at risk.
If you are concerned about your business and the security risks outlined in Verizon’s Data Breach Investigations Report, we recommend you check out our Resources Page. We have a lot of great information for businesses and consumers on how to mitigate the risk and impact of a breach.