Verizon 2019 Data Breach Investigations Report
The 2019 DBIR is finally here! Some interesting items at first glance:
32% of breaches involved phishing
33% included Social attacks
43% of breaches involved small business victims
34% involved Internal actors
–Figure 21, page 14. In sanctioned phishing exercises, click rates are down to 3% (a good sign, but one just one click can be devastating)
The gray box on page 14 (social engineering) is also interesting: "Research points to users being significantly more susceptible to social attacks they receive on mobile devices. This is the case for email-based spear phishing, spoofing attacks that attempt to mimic legitimate webpages, as well as attacks via social media. . . ."
. . .