In Cybersecurity … The Song Remains The Same (But With Ransomware Added)
The Verizon 2021 data breach report makes interesting reading, and tries to break down the costs, motivations and attack vectors related to data breaches and data incidents. For data breaches — the song remains the same — and where it is still social engineering that is the top attack vector (on the left-hand side), and, for incidents, it is the blunt (and unsophisticated) attack tool of DoS (on the right-hand side) [here]:
For costs, the report breaks down these into: BEC (Business Email Compromise); CDB (Computer Data Breach); Forensics; and Legal Advice. We can see that BEC and CDB have a similar range of costs, and which can go up to over $1 million. Ransomware has the greatest spectrum of costs, and starts at $69 but go up to over one million dollars:
It’s still privilege abuse that’s the main threat
And, as we increasingly move into zero-trust infrastructures, we are still faced with privilege abuse…