Verizon 2020 Data Breach Investigations Report
If you haven't read or seen the Verizon report then it's worth sparing the time and getting a copy from here.
Given that the executive summary runs to 19 pages you may not want to delve into the report but the highlights for me were:
Insider Threats; we keep hearing that we need to watch for them, and I'm not saying they should be ignored. However the finding of the report stated 70% of attacks were external, so we still need to guard the perimeter as well as east/west traffic.
Phishing and ransomware are not going anywhere as they are the most successful way of deployment and most devastating to an Organisation regardless of size.
What people/Organisations are getting right is patching of systems, probably helped by Microsoft improving their patch releases amongst others. Worryingly we have seen more attacks based at lower level than the OS, with Intel being in the news for issues around their chips on more than one occasion.
What the report also highlighted was that SMB's remain a target, it's just we tend to hear more news on Enterprise hacks as they are picked up by mainstream media. The move of many SMB's to cloud or at least hybrid deployments does not deter hackers, they just adapt their methods
Unsurprisingly their best practices don't really hold any surprises, monitor, secure, protect & train!