Ep. 36 Federal IT and the Verizon Data Breach Investigation Report

November 29, 2022

It is not just lemmings that follow a herd off the cliff; technology professionals are garden-variety humans and subject to herd thinking as well.

If you try to keep up with trade publications you are subject to the editorial selection process of the folks who run the periodicals, newspapers, blog sites, newsletters, and podcasts. Catchy phrases pop up and it puts some joy into the drudgery of a daily tech column. You can take that from experience, I wrote over 500 weekly technology columns for The Washington Post.

Occasionally, you need to get your head out of the sand to get a wider perspective. For each of the past fifteen years, Verizon has provided the community with the Data Breach Investigation Report, or the DBIR.

"DBIR is based on just under 24,000 security incidents and that includes about 50 to 100 actual breaches. with machine learning, artificial intelligence is leveraged to categorize and classify."

Melissa Gilbert, Verizon Tweet

During the interview, Melissa Gilbert tells listeners of the 23,816 incidents and 5,212 confirmed breaches included in the report. They gather information from over eighty organizations all over the world. She elucidates upon the difference between an event, an incident, and a breach. She details the data schema used for the report and explains the 4 A’s: Actor, Action, Asset, and Attribute.

You can get your own copy of the free report here: The Verizon Data Breach Investigative Report

One of the key findings was the 13% increase in ransomware reported in the 2021 survey. If your agency has an initiative to prevent ransomware, you can be assured that you are not diving into an arcane topic.

The conclusion is to focus on securing credentials. Most of these attacks start with credential theft and then move deeper into the system.

If you enjoyed this article, you may want to listen to episode #29 Can Training Reduce Attacks on Federal Websites?