Database breaches

June 18th, 2019 by Stephen Jones Leave a reply »

Verizon publishes a Data Breach Investigations Report annually; the latest, the 2018 report, is the 11th edition, and all of them are extremely well detailed. Not all data breaches are discovered, and those that are discovered aren’t necessarily reported. The 2018 report covers 53,000 incidents, defined as: “A security event that compromises the integrity, confidentiality or availability of an information asset.” It also covers 2,216 breaches, defined as: “An incident that results in the confirmed disclosure — not just potential exposure — of data to an unauthorized party.”

These numbers do NOT include breaches involving botnets. The additional 43,000 successful accesses via stolen credentials associated with botnets are handled in a special insights section of the report.

Those are scary numbers.

The Verizon report shows 73% of breaches perpetrated by outsiders, 28% involving internal actors, 2% involving partners, 2% featuring multiple parties, 50% carried out by organized criminal groups, and 12% involving actors identified as nation-state or state-affiliated (a breach can fall into more than one category, so the figures do not sum to 100%). These figures concern confirmed data breaches, not all security incidents. While 28% involved internal users, the bulk of data breaches were caused by people outside the organization, using malware or social attacks, or exploiting vulnerabilities created by errors.

While the internal actor wasn’t identified for every reported data breach, analysis was done for 277 of them, and the breakdown is: 72 system admins, 62 end users, 62 other, 32 doctors or nurses, 15 developers, 9 managers, 8 executives.

Database administrators may focus on denying developers permissions on production, but developers proved much less likely to be involved in data breaches than system admins, a category which includes the DBAs themselves.

You don’t need production system access to cause a data breach. It’s common practice in an enterprise to make copies of production data for use by analysts, developers, product managers, marketing professionals, and others, and every such copy is another place from which the same data can leak, usually under weaker controls than production.
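The point above is easiest to see in the SQL that creates such a copy. The following is an added example, not code from the original post or from the Verizon report; it assumes a PostgreSQL database with a hypothetical table prod.customers (columns id, full_name, email, phone, date_of_birth, card_last4, diagnosis, created_at), a separate analytics schema readable by non-production users, and a role named analysts. The first statement is the usual byte-for-byte copy; the rest shows the copy built so that it carries only what its consumers need, plus a query that checks the result.

```sql
-- Added example, not from the original post. Assumed objects: table
-- prod.customers(id, full_name, email, phone, date_of_birth, card_last4,
-- diagnosis, created_at), schema analytics, and role analysts (PostgreSQL syntax).

-- Weak practice: a full copy of production for analysts. Everyone with SELECT
-- on analytics.customers_raw now holds the same personal data as production,
-- without production's access controls, logging or retention rules.
CREATE TABLE analytics.customers_raw AS
SELECT * FROM prod.customers;

-- Better: build the copy with direct identifiers replaced and sensitive
-- columns left out. The keyed hash gives a stable pseudonym so rows can still
-- be joined and counted across tables; the salt stays in production only, so
-- the token cannot be reversed from the copy.
CREATE TABLE analytics.customers_masked AS
SELECT
    id,
    md5('prod-to-analytics-salt' || email)       AS email_token,   -- pseudonym, not the address
    left(phone, 3) || 'XXXXXXX'                   AS phone_masked,  -- area code only
    extract(year FROM date_of_birth)::int         AS birth_year,    -- coarsened, not the full DOB
    created_at
FROM prod.customers;
-- full_name, diagnosis and card_last4 are deliberately not selected.

-- Limit who can read the copy, and do not hand out the raw one at all.
REVOKE ALL ON analytics.customers_raw FROM PUBLIC;
GRANT SELECT ON analytics.customers_masked TO analysts;

-- Check: any row returned here means a direct identifier or special-category
-- column slipped into the masked copy and the build must be fixed.
SELECT column_name
FROM information_schema.columns
WHERE table_schema = 'analytics'
  AND table_name   = 'customers_masked'
  AND column_name IN ('email', 'full_name', 'phone', 'diagnosis', 'card_last4');
```

The check query belongs in whatever job refreshes the copy, so a schema change in production (a new column holding personal data) cannot silently widen what the analytics copy exposes.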

Privacy law compliance makes this all the more concerning: those copies are subject to the same obligations as the production data they came from.
