Highlights of Verizon 2018 Data Breach Investigations Report
templarbit.comVerizon released the 11th edition of their report yesterday and I took a quick look at it this morning and started compiling interesting highlights into this post.
Hope this will be of value to some of you. Particularly to people that don't want to spend time reading the entire PDF report.
There is also this companion site: http://www.verizonenterprise.com/verizon-insights-lab/dbir/t...
Thank you for sharing this, haven't seen this before. Pretty interesting.
The report looks very interesting, but for percentages to be meaningful we need to know that the data is a representative sample of actual breaches. Is it?
The percentages in this report are in relationship with the data points of 53,000 incidents and 2,216 confirmed data breaches that the team analyzed.
Yes, I saw and I should have included that in my comment. But I have no idea how many incidents and data breaches exist in reality. Is that a random selection? All incidents/breaches reported someplace? Are they all Fortune 500 company breaches?
What does this sample represent?
Ah, yes I see what you mean. You got an excellent point here. It's not just fortune 500 companies, because one of the data points highlights that among the victims the SMB sector has the highest allocation. My guess is that the analysts try to get data from as many breaches as possible every year. Probably partnering with incident response firms like Mandiant. It's not a sample set and at the same time it is because a lot of breaches go undetected.
I'd recommend taking a look at the Appendix E: Methodology. It's a little long at three pages, but hopefully answers your questions. If not, hit up the email address or twitter account on page 47 and we'll answer them.
Gabe Co-Author
Gabe, thanks for that. Just checked the Appendix E section you mentioned, instantly a fan of what I saw there. Glad you have filters in place rather than just taking any breach report into the data set.