Verizon 2019 Data Breach Investigations Report
The 2019 DBIR is finally here! Some interesting items at first glance:
– 32% of breaches involved phishing
– 33% included Social attacks
– 43% of breaches involved small business victims
– 34% involved Internal actors
– Figure 21, page 14. In sanctioned phishing exercises, click rates are down to 3% (a good sign, but one just one click can be devastating)
– Golf analogy on page 20
The gray box on page 14 (social engineering) is also interesting: "Research points to users being significantly more susceptible to social attacks they receive on mobile devices. This is the case for email-based spear phishing, spoofing attacks that attempt to mimic legitimate webpages, as well as attacks via social media. . . ."
. . .