Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

    Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported CasesNew data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.

    We’d like to think our security stance includes some really great abilities to detect, investigate, detect, and remediate an attack. But new data from the Identity Theft Research Center’s Q1 Data Breach Analysis report shows that many organizations simply don’t know how to find the root cause of an attack resulting in a data breach.

    Q1 saw 445 reported data breaches, down from 512 the previous quarter. Despite the lower number of breaches reported to the ITRC, they did notice an increase in the percentage of breaches where there was no actionable information about the root cause of the compromise. In 42% of data breaches in Q1, organizations had no indicators of where the initial compromise occurred. To make matters worse, of the top ten data breaches reported, 60% of them could not identify a root cause.

    Not knowing how threat actors got in leaves the door open for continued leverage of the likely persistence established to either attack again or sell off the access to another threat group.

    According to the report, 378 of the data breaches were cyber attacks, with the top three attack types being phishing, ransomware, and malware. Cyber attacks in total affected over 85 million victims – the lion’s share of all the reported data breaches, representing 95% of all victims impacted within data breaches of all types in Q1.

    Even without knowing the root cause, there are really only three major initial attack vectors to address: RDP access (simple fix: get rid of any external remote access), vulnerabilities (a bit tougher, but patch and scan for vulnerabilities), and phishing attacks (addressed with a layered set of security solutions matched with a user base that is enrolled in continual security awareness training to ensure any malicious content that gets pass security solutions is spotted by users before they unwittingly help the attacker).

     

    Return To KnowBe4 Security Blog

    The world's largest library of security awareness training content is now just a click away!

    In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

    You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

    ModStore01-1The ModStore Preview includes:

    • Interactive training modules
    • Videos
    • Trivia Games
    • Posters and Artwork
    • Newsletters and more!

    Start Your Preview

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/training-preview

    Topics: Phishing, Ransomware, Data Breach

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews