December 6, 2022

Volume XII, Number 340

Advertisement

December 06, 2022

Subscribe to Latest Legal News and Analysis

December 05, 2022

Subscribe to Latest Legal News and Analysis
Advertisement

Verizon’s 2022 Data Breach Investigations Report: A Must Read

I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. Just goes to show how long I have been working on data breaches. It is always written in language that is easy to understand, not super techy, and provides a great summary of the current risks to businesses.

The 2022 DBIR is no different. Take your time digging into its 108 pages—none should be missed. Issued on May 25, 2022, it is comprehensive, extremely useful, and top notch—as always.

The preamble is so true—that nothing is certain. The report speaks of credible analysis of data, including slanted bar charts, spaghetti charts, dot plots or pictograms, even though “all convey the uncertainty of our industry in their own way.”

Analyzing incidents from November 1, 2020 to October 31, 2021, the DBIR team acknowledges that we all continue to be surprised at the sheer creativeness of cybercrime, the constantly changing landscape of sophistication, and “if Sasquatch were elected Governor.” One of the things I love about the DBIR is the humor of the team.

According to the report:

“The past year has been extraordinary in a number of ways, but it was certainly memorable with regard to the murky world of cybercrime. From very well publicized critical infrastructure attacks to massive supply chain breaches, the financially motivated criminals and nefarious nation-state actors have rarely, if ever, come out swinging the way they did over the last 12 months.”

True enough. The DBIR team reports that there were four threats that led the threat actors to company systems: credentials, phishing, exploiting vulnerabilities, and botnets. Ransomware continued its upward trend, and supply chain security-related incidents caused widespread consequences and concern about nation states’ access to data.

I urge you to read the report and then re-read it. It is one of the best indicators of the current state of cyber threats to organizations and can be very helpful in your preparedness efforts.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XII, Number 153
Advertisement
Advertisement
Advertisement

About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence
Partner

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

401-709-3353
Advertisement
Advertisement
Advertisement