Previewing the 2023 Verizon Data Breach Investigation Report

New vulnerabilities, new attacks.
New technologies, new attacks.
New defenses, new attacks.

Keeping up with the newest attack methods is almost as hard as keeping up with ChatGPT-based apps, services, and browser plugins. It's a Sisyphean practice that security practitioners can't avoid, so it helps for them to have trusted sources to stay current about the latest threats and trends from trusted sources. Verizon has established themselves as one of the leading voices in cybersecurity with their annual Data Breach Investigation Report (DBIR). Affectionately emerging as a pseudo-cybersecurity bible, the Verizon DBIR is a trusted industry resource, offering valuable insights into the changing threat landscape.

In this blog post, we will explore the significance of the DBIR, examining past highlights, key findings, and takeaways from recent data breaches in 2023 as well as occurrences within the past 12 months. Additionally, we will delve into the anticipated areas of focus and predictions. 

Historical Trends, Key Findings, and Takeaways

The DBIR has consistently delivered a wealth of data-driven information, providing organizations with critical insights they can trust. Each report builds upon the previous ones, analyzing historical trends to identify common attack vectors and methods with drill-downs for a variety of specific industries. Last year, the 2022 DBIR found that hacking Web Applications, DoS attacks, and Email-based attacks led global data breaches. These insights help organizations understand attackers' focal points when targeting their organization. By recognizing these trends, organizations can enhance their defenses and implement proactive measures to mitigate risks.

What to Expect from the 2023 Verizon DBIR

As the release of the forthcoming 2023 Verizon Data Breach Investigation Report approaches there are a few expected key focuses and predictions we have for the the Upcoming Report.

Expected 2023 DBIR Focuses:

• Industry and Region Analysis: In-depth examination of cybersecurity challenges and trends within sectors such as healthcare, finance, and retail, in addition to focusing on the growth of cyberattacks targeting and originating from emerging regions around the world. 
• Cloud Security: Insights into the security vulnerabilities and best practices associated with organization's increasing adoption and reliance on cloud-based applications and services.
• Multi-channel threats: a significant increase in coordinated attacks across multi-communication channels including such as email, smishing (SMS phishing), vishing (voice phishing), and attacks targeting collaboration tools like Microsoft Teams, Slack, and Zoom.

2023 DBIR Predictions:

• Rise of AI-Driven Attacks: We predict their analysis of recent data breaches in 2023 will show that threat actors are leveraging artificial intelligence (AI) and machine learning (ML) techniques to enhance attack capabilities, automate attack distribution, and evade traditional security defenses.
• Shift toward Social Engineering Tactics: Exploration of the evolving landscape of social engineering attacks, including advanced phishing techniques, deepfake technology, and psychological manipulation, and their impact on individuals and organizations.
• Increased Insider Threats: In 2022, Verizon reported that data breaches occurred from 'External sources 73% of the time, internal sources 18% of the time, and Partners 39% of the time. At IRONSCALES we predict an increased share of data breaches to come from Internal and Partner sources. We expect increased attention on insider threats, highlighting the risks posed by malicious insiders, compromised partners, and unintentional employee actions or negligence.

DBIR Public Insights & Sentiment

IRONSCALES conducted a survey of our community to gauge the Verizon DBIR's influence on their respective cybersecurity strategies and some of their predictions for the report.

The poll data reveals that our audience expects an increase in phishing attacks and ransomware in comparison to previous years' DBIR reports. Additionally, the polled audience finds the annual insights from the Verizon DBIR into the latest attack vectors, best practices, and guidance on strengthening defenses to heavily influence their organizations' strategies and budgets.

Historical utilization of DBIR findings by organizations has proven to be significant. Past reports have helped organizations identify vulnerabilities, improve incident response capabilities, and implement proactive measures to safeguard their system. 

Verizon DBIR Summary

The Verizon Data Breach Investigation Report is a critical resource for cybersecurity professionals seeking to navigate the ever-changing security landscape and we expect the 2023 DBIR to be no exception. The release of the DBIR promises to guide many security leaders looking to adapt their current strategies as well as one's looking to completely re-engineer their approach.

Register for our upcoming webinar next month where we will be joined by fellow security professionals to dive deep into the report's findings as well as some of the key elements we believe are worth expounding on.

Subscribe to our blog where will be releasing a Verizon DBIR 2023 summary providing our takeaways from the report.

Join us for our upcoming webinar covering the Verizon Data Breach Report 2023 here.

Register to attend Verizon's forthcoming DBIR webinar series here.