Human error tops causes of data breaches, says Verizon report

Share post:

Human error continues to be a leading factor in data breaches, according to Verizon’s annual analysis of cyberattacks around the world. That was one of the conclusions of the 2022 Verizon Data Breach Investigations Report, which looked at 23,896 incidents last year, 5,212 of which were confirmed breaches. The data came from 87 cybersecurity vendors, researchers and consultants. Eighty-two per cent of breaches in 2021 involved the human element, the authors found. “Whether it is the use of stolen credentials, phishing, misuse, or simply an error, people continue to play a very large role in incidents and breaches alike,” the report says. Mistakes alone were responsible for 14 per cent of breaches. “This finding is heavily influenced by misconfigured cloud storage,” the report adds. It doesn’t say explicitly, but this category would include misconfigured Amazon storage buckets. Among the highlights (or lowlights, depending on your point of view):
  • ransomware has continued its upward trend, making up 25 per cent of breaches, an almost 13 per cent rise over 2022. That’s a rise as big as the past five years combined, the report says.”It’s important to remember that, while ubiquitous and devastating, ransomware by itself is, at its core, a model of monetizing an organization’s access,” the report adds. Blocking the abuse of credentials (stolen or brute-forced), keeping employees from falling for phishing, keeping attackers from exploiting vulnerabilities and blocking botnets are the best ways to thwart ransomware;
  • roughly 4 in 5 breaches can be attributed to organized crime, with external actors approximately four times more likely to cause breaches in an organization than insiders;
  • supply chain attacks were involved in 61 per cent of incidents last year. “Compromising the right partner is a force multiplier for threat actors,” the report noted. One of the best-known supply chain attack in 2021 was the compromise of Kaseya’s VSA platform;
  • system intrusion was the leading cause of 1,638 breaches with confirmed data disclosure in Canada and the U.S.. That was followed by social engineering, and basic web application attacks. And globally, 62 percent of system intrusion incidents came through an organization’s partners;
What should CISOs be doing? Of the Center for Internet Security’s 18 Critical Security Controls, emphasize these five, says the report:
  • Data Protection. This control pertains to the processes and technical controls to identify, classify and securely handle organizational data in all its form. This control helps prevent organizations from accidentally exposing their data through email or misconfigurations;
  • Secure Configuration of Enterprise Assets and Software. This control contains safeguards focused on engineering solutions that are secure from the outset, as opposed to tacking them on later. It offers substantial benefits when it comes to reducing error-based breaches such as misconfiguration and loss of assets by enforcing remote wiping abilities on portable devices;
  • Account Management. This control is very much targeted toward helping organizations manage the access to accounts and is useful against brute force and credential stuffing attacks;
  • Access Control Management. This Control manages the rights and privileges of users and enforces multifactor authentication on key components of the environment, an important defense against the use of stolen credentials;
  • Security Awareness and Skills Training. Considering the prevalence of errors and social engineering in the data, the report’s authors say it is clear that security awareness and technical training are a great place to put some dollars in order to help support your team against a world full of cognitive hazards.
The post Human error tops causes of data breaches, says Verizon report first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

LinkedIn introduces verification for recruiters to combat scams

LinkedIn announced today the launch of a new verification process for job recruiters, a move aimed at curtailing...

Cyber Security Today, Week in Review for week ending Friday, April 5, 2024

This episode features a discussion on a highly critical report on the hacking of Microsoft Exchange Online email accounts, a case study of a ransomware attack and the discovery of a years-long infiltration of an open source group to insert a backdoor

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways