Verizon’s latest look at data breaches and network security concludes that mobile continues to be relatively secure – not a preferred path for real-world data breaches – in spite of the presence of malware.
This year’s Data Breach Investigations Report tallied nearly 80,000 security incidents, with more than 2,100 confirmed data breaches in 61 countries. Two-thirds of the incidents happened in the United States, although Verizon noted that is likely because of the contributing companies’ locations.
Most threats – around 80% – continue to be external to companies, rather than internal or through a partner.
The annual Verizon DBIR continues to broaden its data sources and become more comprehensive, according to Verizon executive Jay Jacobs. This year it includes various security-related data from more than 70 companies and, for the first time, Verizon was able to include data on the financial impact of data breaches, based on insurance claims.
“We’ve been trying to get data like that for years, and we finally got it,” said Jacobs. Data breaches have cost businesses an estimated $400 million and resulted in 700 million compromised records, according to Verizon. The average cost of a data breach is 58 cents per record – but a more sophisticated look at available data pegs the forecasted average loss for a breach of 1,000 records at $52,000 to $87,000. Sound a bit confusing? The company lays out its numbers and the methodology behind them in the full report, which will be available Wednesday.
One of the noteworthy improvements over previous years is that there was a reduction in what Verizon termed the “detection deficit,” or the amount of time between when a system is breached and when the breach is detected. Typically, Jacobs said, it takes days, weeks, or even months for companies to discover a data breach even though in 60% of cases, it takes only moments for attackers to compromise an organization.
“It’s hard to say if this is part of an overall trend or a one-off variation,” Jacobs added.
One thing that has been consistent in Verizon’s DBIRs is that mobile is a source of few breaches. Even though data from Verizon Wireless showed hundreds of thousands of malware infections, most were “adnoyances” rather than true security threats.
According to the report: “With our first pass through the data, we found hundreds of thousands of (Android) malware infections, most fitting squarely in the adnoyance-ware category. In our second through eighteenth passes, we turned the data inside out but ended up just coming back to the malware. Finally, we stripped away the ‘low-grade’ malware and found that the count of compromised devices was truly negligible. The benefit of working with an internal team is that we knew how many devices were being monitored. An average of 0.03% of smartphones per week – out of tens of millions of mobile devices on the Verizon network – were infected with ‘higher-grade’ malicious code. This is an even tinier fraction than the overall 0.68% infection rate (of all types of unwanted software) from Kindsight Security Labs’ biannual report.
“Mobile breaches have been few and far between over the years. Adding dozens of new contributors didn’t change that, and we’ve come to the same data-driven conclusion year after year: Mobile devices are not a preferred vector in data breaches,” the report said.
Jacobs said that Verizon is advising that companies invest in “visibility” in their networks, rather than specific control mechanisms when it comes to mobile – so that if mobile does become a source of data breaches in the future, companies will know when that shift occurs.
Companies, he said, should “just get something in to have visibility, to tell when that trend starts to change, because there are so many other places we have bigger issues.”