Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported CasesNew data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.

We’d like to think our security stance includes some really great abilities to detect, investigate, detect, and remediate an attack. But new data from the Identity Theft Research Center’s Q1 Data Breach Analysis report shows that many organizations simply don’t know how to find the root cause of an attack resulting in a data breach.

Q1 saw 445 reported data breaches, down from 512 the previous quarter. Despite the lower number of breaches reported to the ITRC, they did notice an increase in the percentage of breaches where there was no actionable information about the root cause of the compromise. In 42% of data breaches in Q1, organizations had no indicators of where the initial compromise occurred. To make matters worse, of the top ten data breaches reported, 60% of them could not identify a root cause.

Not knowing how threat actors got in leaves the door open for continued leverage of the likely persistence established to either attack again or sell off the access to another threat group.

According to the report, 378 of the data breaches were cyber attacks, with the top three attack types being phishing, ransomware, and malware. Cyber attacks in total affected over 85 million victims – the lion’s share of all the reported data breaches, representing 95% of all victims impacted within data breaches of all types in Q1.

Even without knowing the root cause, there are really only three major initial attack vectors to address: RDP access (simple fix: get rid of any external remote access), vulnerabilities (a bit tougher, but patch and scan for vulnerabilities), and phishing attacks (addressed with a layered set of security solutions matched with a user base that is enrolled in continual security awareness training to ensure any malicious content that gets pass security solutions is spotted by users before they unwittingly help the attacker).

The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

ModStore01-1The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews