Verizon DBIR challenges data breach cost estimates
Michael Mimoso reports:
The 2015 Verizon Data Breach Investigations Report (DBIR) did some mythbusting on two fronts: the estimated cost per record lost in a breach is much lower than reported elsewhere; and mobile malware is a no-go. The DBIR is Verizon’s annual data dump collected from breaches it has investigated, along with contributed data from 70 of its partners. Now in its eighth iteration, the data points continue to trend in favor of attackers, who continue to be much quicker at finding and exploiting vulnerabilities than defenders are at discovering attackers on their systems and cutting them off. In close to 80 percent of incidents (the 2015 DBIR covers 79,790 incidents and 2,122 confirmed breaches), attackers’ time to compromise was days or hours, while only close to 35 percent of breaches were detected by defenders in the same time frame.
Read more on ThreatPost.