The 2014 Verizon Data Breach Investigations Report has been finalized and released to the public. Nine basic patterns were identified that describe 94% of the confirmed data breaches in 2013. The same nine patterns describe 95% of breaches over the last three years. Point of Sale (POS) intrusions, web application attacks, cyber-espionage and card skimmers makeup the top concerns related to data disclosure. No surprise here.
However, particularly interesting is the correlation between incident patterns and industries. Readers can use associations provided in the report to draw conclusions and recognize which patterns apply to their own organization. Figure 19, illustrated on page 15 of the report, allows a reader to identify the frequency of each pattern according to their industry type. Another graph, Figure 70, maps critical security controls to incident patterns and prioritizes the controls by industry. This figure is especially useful because the control references are linked to the source of defense. These defined controls show which security measures to take in order to better protect data from a breach in specified environments.
Click here to view the report in its entirety. Don’t miss the “Recommendations for Consumers” in Appendix B, page 54. Didn't catch last year's report? View our blog post, "An Overview: Verizon 2013 Data Breach Investigation Report" here.
If you have further questions concerning the payment card industry, data security standards, and/or PCI compliance, contact me at firstname.lastname@example.org or (901) 685.5575.