2024 Data Breach Investigations Report
Half of the Breaches in EMEA are Internal
What you need to know:
- More than two-thirds (68%) of breaches globally involve a non-malicious human action.
- Vulnerability exploitation experienced 180% growth vs 2023.
- On average it took organisations about 55 days to patch 50% of their critical vulnerabilities.
LONDON, May 01, 2024 (GLOBE NEWSWIRE) -- Verizon Business today released the results of its 17th annual Data Breach Investigations Report (DBIR), which analysed 8,302 security incidents in Europe,
the Middle East and Africa (EMEA), of which 6,005 (more than 72%) are confirmed breaches.
Virtually half of the breaches (49%) in EMEA are initiated internally, suggesting high incidences of privilege misuse and other human errors. Across EMEA, the top reasons for cybersecurity incidents are miscellaneous errors, system intrusion, and social engineering, which account for 87% of breaches. The most common types of data compromised are personal (64%), internal (33%), and credentials (20%).
The human element continues to be the front door for cybercriminals
Most breaches globally (68%), whether they include a third party or not, involve a non-malicious human action, which refers to a person making an error or falling prey to a social engineering attack. This percentage is about the same as last year. One potential countervailing force is the improvement of reporting practices: 20% of users identified and reported phishing in simulation engagements, and 11% of users who clicked the email also reported it.
“The persistence of the human element in breaches shows that organisations in EMEA must continue to combat this trend by prioritising training and raising awareness of cybersecurity best practices. However, the increase in self-reporting is promising and indicates a cultural shift in the importance of cybersecurity awareness among the general workforce,” said Sanjiv Gossain, EMEA Vice President, Verizon Business
Zero-day vulnerabilities remain a persistent threat to enterprises
Lesen Sie auch
Globally, the exploitation of vulnerabilities as an initial point of entry increased since last year, accounting for 14% of all breaches. This spike was driven primarily by the scope and growing frequency of zero-day exploits by ransomware actors, most notably the MOVEit breach, a widespread exploitation of a zero-day vulnerability.
“The exploitation of zero-day vulnerabilities by ransomware actors remains a persistent threat to enterprises, due in no small part to the interconnectedness of supply chains,” said Alistair Neil, EMEA Senior Director of Security, Verizon Business “Last year, 15% of breaches involved a third party, including data custodians, third-party software vulnerabilities, and other direct or indirect supply chain issues.”