ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

2024 Data Breach Investigations Report: Half of the Breaches in EMEA are Internal

By: via GlobeNewswire

What you need to know:

  • More than two-thirds (68%) of breaches globally involve a non-malicious human action.
  • Vulnerability exploitation experienced 180% growth vs 2023.
  • On average it took organisations about 55 days to patch 50% of their critical vulnerabilities.

LONDON, May 01, 2024 (GLOBE NEWSWIRE) -- Verizon Business today released the results of its 17th annual Data Breach Investigations Report (DBIR), which analysed 8,302 security incidents in Europe, the Middle East and Africa (EMEA), of which 6,005 (more than 72%) are confirmed breaches.

Virtually half of the breaches (49%) in EMEA are initiated internally, suggesting high incidences of privilege misuse and other human errors. Across EMEA, the top reasons for cybersecurity incidents are miscellaneous errors, system intrusion, and social engineering, which account for 87% of breaches. The most common types of data compromised are personal (64%), internal (33%), and credentials (20%).

The human element continues to be the front door for cybercriminals

Most breaches globally (68%), whether they include a third party or not, involve a non-malicious human action, which refers to a person making an error or falling prey to a social engineering attack. This percentage is about the same as last year. One potential countervailing force is the improvement of reporting practices: 20% of users identified and reported phishing in simulation engagements, and 11% of users who clicked the email also reported it.

“The persistence of the human element in breaches shows that organisations in EMEA must continue to combat this trend by prioritising training and raising awareness of cybersecurity best practices. However, the increase in self-reporting is promising and indicates a cultural shift in the importance of cybersecurity awareness among the general workforce,” said Sanjiv Gossain, EMEA Vice President, Verizon Business

Zero-day vulnerabilities remain a persistent threat to enterprises

Globally, the exploitation of vulnerabilities as an initial point of entry increased since last year, accounting for 14% of all breaches. This spike was driven primarily by the scope and growing frequency of zero-day exploits by ransomware actors, most notably the MOVEit breach, a widespread exploitation of a zero-day vulnerability.

“The exploitation of zero-day vulnerabilities by ransomware actors remains a persistent threat to enterprises, due in no small part to the interconnectedness of supply chains,” said Alistair Neil, EMEA Senior Director of Security, Verizon Business “Last year, 15% of breaches involved a third party, including data custodians, third-party software vulnerabilities, and other direct or indirect supply chain issues.”

Analysis of the Cybersecurity Infrastructure and Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalogue revealed that on average it takes organisations 55 days to remediate 50% of critical vulnerabilities following the availability of patches. Meanwhile, the median time for detecting the mass exploitations of the CISA KEV on the internet is five days.

As a possible relief to some anxieties, the rise of artificial intelligence (AI) was less of a culprit vs challenges in large-scale vulnerability management. “While the adoption of artificial intelligence to gain access to valuable corporate assets is a concern on the horizon, a failure to patch basic vulnerabilities has threat actors not needing to rapidly advance their approach and focusing their use of AI on accelerating social engineering,” Chris Novak, Sr. Director of Cybersecurity Consulting, Verizon Business.

Additional key findings:

  • About 32% of all breaches involved some type of extortion technique, including ransomware.
  • Over the past two years, roughly a quarter (between 24% and 25%) of financially motivated incidents involved pretexting.
  • Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all breaches.

View the 2024 Data Breach Investigation Report here.

Click here for more information on ways to help defend against zero-day vulnerabilities and other cyber threats.

You can also read the Global Press Release here.

About Verizon
Verizon Communications Inc. (NYSE, Nasdaq: VZ) was formed on June 30, 2000 and is one of the world’s leading providers of technology and communications services. Headquartered in New York City and with a presence around the world, Verizon generated revenues of $134.0 billion in 2023. The company offers data, video and voice services and solutions on its award-winning networks and platforms, delivering on customers’ demand for mobility, reliable network connectivity, security and control.

VERIZON’S ONLINE MEDIA CENTER: News releases, stories, media contacts and other resources are available at verizon.com/news. News releases are also available through an RSS feed. To subscribe, visit www.verizon.com/about/rss-feeds/.

Media contacts:
Sebrina Kepple
+44 7391 065817
Sebrina.Kepple@verizon.com


Primary Logo

More News

View More
General Dynamics Hits New Highs: Why It Might Keep Climbing
Via MarketBeat
Tickers GD
Nike’s Turnaround: If the Shoe Fits, Buy It!
Via MarketBeat
Tickers NKE
NVIDIA Breaks Out to New Highs: What Comes Next?
Via MarketBeat
Topics Economy Stocks World Trade
Tickers CRWV META NVDA
Microsoft Stock Hits Stride in 2025—How Much More Can It Run?
Via MarketBeat
Topics Artificial Intelligence Retirement
Tickers MSFT
How Berkshire's OxyChem Buy Cements Its Long-Term Strength
Via MarketBeat
Tickers BRK BRK-A BRK-B OXY
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.