Access your Pro+ Content below.
Verizon DBIR 2017: Basic cybersecurity focus misplaced
This article is part of the Information Security magazine issue of June 2017, Vol. 19, No. 5
Editor's note: this is part two of a two-part series covering the Verizon DBIR 2017. You can read part one, regarding the rise of ransomware and pretexting here. A growing theme across the recent years of the Verizon Data Breach Investigation Report (DBIR) is how the lack of basic cybersecurity plays a part in many of the breaches and security incidents every year, but Verizon suggested vulnerability patching may not be as impactful as once thought. Dave Hylender, senior risk analyst at Verizon Business, told SearchSecurity the aim of the Verizon DBIR was to focus on the data and to "keep opinion out of it" whenever possible, because it could be difficult to give cybersecurity recommendations to the diverse audience of the DBIR. However, experts noted that the data alone was enough to highlight basic cybersecurity practices that were failing, such as limiting password reuse and implementing multifactor authentication (MFA). According to the 2017 Verizon DBIR, 81% of breaches leveraged "stolen passwords and/or weak or guessable ...
Access this PRO+ Content for Free!
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Features in this issue
Cloud access security brokers offer CISOs a way to set policy and gain better understanding of cloud services and data in use across the enterprise. Do these tools fill the gaps?
An early career as a geologist helped the veteran financial services CISO thrive in the security field. The CISO role is now broader than technical functions, he says.
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017.
Columns in this issue
Visibility in cloud environments has proved challenging for information security executives tasked with protecting sensitive data and other assets.
Threat hunting is driven by alerts with less emphasis on cyberthreat intelligence, according to researchers. Yet 60% of those surveyed cited measurable security improvements.
This former CISO talks about her uncharted path from international banking to industry analysis. What's next for infosec? We ask the security strategist those questions and more.