By Robert Hackett
April 29, 2017

As a cybersecurity reporter, my email inbox bursts at the seams with pitches hyping reports that claim to reveal all sorts of hacking trends. Almost invariably, these lures tease outrageous findings without any mention of methodology. Nuances such as scope, number of people polled, networks analyzed, over what time period, and by what means are conveniently excluded—usually, one finds, because the stats are not up to snuff. Instead: “Hackings surged 7,000%!!! Would you like to talk to so-and-so about it?”

That’s one reason why it’s such a pleasure to pore over Verizon’s annual data breach investigations report, one of the best-sourced surveys around. The telecom giant released its 10th edition early Thursday morning. Teaming up with 65 contributing organizations, Verizon’s analysts scrutinized 42,068 security incidents, of which 1,935 qualified as full-blown data breaches. They sliced and diced the data every which way, and admirably owned up to their own blind spots. As the 76-page paper humbly submits in its characteristically folksy tone: “It is a piece of the information security puzzle—an awesome corner piece that can get you started—but just a piece nonetheless.” (Later, the authors thank the reader for “once again taking the time to dig into our InfoSec coddiwomple.”)

Here are some of the bits that caught my attention this year. First, each industry has its own flavor. The tech sector is the most reliable at patching its systems, sealing up 97.5% of known holes within 12 weeks of a vendor releasing software updates. (Compare that to retail and to food and hospitality, where little over 60% gets patched in the same time period.) The manufacturing, education, and public sectors are the most rife with cyberespionage, where spies seek to steal intellectual property, proprietary research, and state secrets. Healthcare is the only industry in which insider threats, meaning rogue employees, are the predominant threat actor. And financial services and insurance companies most commonly contend with distributed denial of service attacks, which overload computer servers with Internet traffic.

Another notable finding: ransomware continues to explode. The frequency of attacks featuring this malicious software, which holds victims’ computer files for ransom, increased 50% in 2016 compared to the year prior, Anastasia Atanasoff, a data scientist on Verizon’s security team, told me. This year ransomware clocked in as one of the top five most common varieties of malware, rocketing from 22nd place in 2014. It’s worth noting that Verizon’s analysts counted ransomware attacks as “incidents” rather than “data breaches” in the report, “because typically we cannot confirm that data confidentiality was violated.” In other words, it’s hard to know whether the attackers actually laid eyes on the data they locked up.

For some Saturday reading, I recommend the full report. No document provides a more rigorous overview of the security challenges businesses face today. In an industry where marketing puff often crowds out reliable information, the Verizon report is a welcome read.

Robert Hackett


Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach me via Twitter, Cryptocat, Jabber (see OTR fingerprint on my, PGP encrypted email (see public key on my, Wickr, Signal, or however you (securely) prefer. Feedback welcome.

