Identity at the Center #45 - The 2020 Verizon Data Breach Investigations Report
May 25, 2020
Dive into the intriguing findings of the 2020 Verizon Data Breach Investigations Report. Discover why credential theft is at the forefront, affecting a staggering 37% of breaches. The hosts discuss the differences in attack patterns between small businesses and enterprises, plus the risks of malware and phishing leading to credential compromises. Gain insights into the effectiveness of antivirus software and the complexities of removing local admin rights. They also explore how organizations typically detect breaches and the importance of risk conversations with leadership.
AI Snips
Chapters
Transcript
Episode notes
Small And Large Face Similar Threats
- Small and large organizations now face more similar threats as both adopt cloud and SaaS.
- Legacy complexity remains in large firms, but service adoption narrows threat profiles.
Malware Often Starts The Chain
- Malware was a dominant action type in many incidents and often delivered via email.
- Malware frequently initiates multi-step breach chains that lead back to credentials.
Hacking Is Often Identity-Based
- 80% of hacking cases in the report were brute force or use of lost/stolen credentials.
- Hacking largely reduces to identity compromise rather than exotic zero-days.