Verizon's Data Breach Investigations Report (DBIR) - What's new in 2015

July 2015

I have been reviewing Verizon's DBIRs since 2012 and intended to do the same this year. Apparently, I do not need to write a new post, as my review from last year is still valid: the majority of security incidents (96% to be exact) fall into one of the nine incident patterns defined in 2014. I would say my previous review is still applicable this year, with the addition of the few points below:
  • Point of Sale (POS) Intrusions took over the top position from Web Application Attacks, which are now down to 9.4% from their huge slice of 35% last year. The maturity of technical vulnerability management processes looks to be on the rise, though the report does not jump to such simple conclusions.
  • Crimeware (which represents generic malware infections) and Cyber-Espionage make up other big slices: 18.8% and 18% of the total number of incidents, respectively.
  • External actors are still the major players in incidents. No surprise!
  • RAM Scraper has become a significant threat action this year. This must be related to the big slice of POS intrusions (28.5% of data breaches), where sensitive data momentarily resides unencrypted in RAM for processing.
  • Phishing is still rising, though at a slowing rate of growth. In contrast, keylogger malware has been in decline.