Verizon Business 17th-Annual Data Breach Investigations Report Highlights Human Element in Cyber Threats

Verizon Business released its 17th-annual Data Breach Investigations Report (DBIR), shedding light on the alarming rise of cyber threats driven by human error. The report analyzed 30,458 security incidents and 10,626 verified breaches in 2023, indicating a significant two-fold increase from the previous year.

A key takeaway from the report is the role of the human element in cyber threats, with more than two-thirds of breaches involving insider errors or falling for social engineering schemes. Despite this consistent risk concern, reporting practices have improved, with 20% of individuals recognizing and reporting phishing in simulated exercises.

Vulnerability exploitation also saw a sharp increase, accounting for 14% of all breaches, with a three-fold rise driven by zero-day vulnerabilities exploited by ransomware actors. Other findings include extortion in 32% of breaches, evolution of ransomware into complex forms of extortion, and 31% of breaches involving stolen credentials.

Security leaders emphasize the need for a dual approach to cybersecurity, focusing on both technological defenses and comprehensive user education. They urge organizations to adopt strategic vulnerability management and holistic defense mechanisms to stay ahead of evolving cyber threats. With the increasing complexity and interconnectedness of digital systems, a human-centric security posture combined with AI and machine learning tools is crucial to mitigate risks and protect sensitive data across industries.

As cyber threats continue to evolve with AI technology advancements and supply chain attacks, organizations must prioritize security measures and employee training to combat sophisticated attacks. The rise of AI co-pilots, API security, and responsible AI adoption will be key focus areas for cybersecurity professionals in the coming years to safeguard against potential breaches.