James Thew - Fotolia
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the '2018 Verizon Data Breach Investigations Report' and its findings about ransomware, phishing and more.
The "2018 Verizon Data Breach Investigations Report" didn't offer any explosive findings -- the report had ransomware as the top malware threat -- but it did offer some important data points about the evolving threat landscape.
The Verizon DBIR 2018 includes more than 53,000 incidents, in addition to more than 2,200 breaches in 2017 across 67 countries. The report also found that 39% of malware-related breaches involved ransomware.
The report shows the steady increase in ransomware incidents over the last five years, as well as how attacks have moved beyond individual endpoints and targeted enterprise infrastructures. However, the ransomware problem could be even worse than Verizon's data indicates because of the reluctance of enterprises to publicly acknowledge these incidents and the ransom payments made to threat actors.
The Verizon DBIR 2018 also shed light on other attacks. For example, phishing and pretexting attacks represented 98% of social engineering attacks in 2017, and they were involved in 93% of breaches. However, one notable emerging attack -- cryptojacking -- was absent in this year's report.
How bad is the ransomware problem? Should ransomware attacks be considered breaches? Is Verizon's report biased toward noisy attacks? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more on the Verizon DBIR 2018 in this episode of the Risk & Repeat podcast.