One of the most respected publications in cybersecurity is the Verizon Data Breach Investigations Report (DBIR), analyzing over 150,000 incidents and providing a comprehensive analysis covering the 32,002 incidents and 3950 breaches that meet Verizon’s quality standards. I liked very much how they choose to represent the concept that no industry, no region, no market is excluded; using a page of differently colored squares to illustrate how wide, pervasive, and data-driven their 3950 breaches analyzed has been.
Concerning the findings, nearly half (45%) of the breaches featured Hacking. The large majority of them have been perpetrated by external actors, which reinforces the idea that a value chain is present behind almost all hacking attempts. This evidence is also highlighted by the common denominators section, showing that 86% of breaches are financially motivated.
This same section shows that near the half (43%) of the breaches involved Web Applications. This shows the crucial importance of having a solid CI/CD pipeline where security is totally integrated as early as possible in the DevOps lifecycle.