The nature and motive of data breaches could vary significantly across industries. Any strategy formulated without the understanding of those peculiarities in an industry will never be very effective.
The conversation around enterprise security and threat management has always been horizontal. While there is a broader recognition today that the business impact of an incident could vary significantly across industries, there has been little effort to understand how the fundamental metrics of threat vary across businesses.
That means a largely uniform, horizontal approach towards security.
The recently released Verizon Data Breach Investigations Report (DBIR) 2018 — the 11th edition of the study — reveals why that could be awfully inadequate.
Whether it is in terms of the origin (external vs internal) of breach/incidents, the type of data breached or the nature of the attacks, the nine industries covered by DBIR 2018 show significant difference. Some of those metrics are key to the understanding of the nature of threats and hence important from the point of view of a solutions approach.
For example, as much as 99% of the breaches occur in the accommodation (hospitality) industry involve external factors, while in healthcare, as much as 56% are internal. In fact, in hospitality, Point of Sales (PoS) accounts for 90% of all breaches.
“Often restaurants are smaller organizations without the luxury of trained security staff, but they are forced to rely almost exclusively on payment cards for their existence,” explains the report. These attacks are overwhelmingly motivated by financial gain and perpetrated by organized crime.
The differences are not just in the origin. The motives too are significantly different across industries. Though increasingly, financial motives are becoming predominant, in some areas—like manufacturing and public administration—espionage are almost equally strong motives. In healthcare, curiosity is a major factor.
The kind of data that is targeted also vary across industries. In Accommodation, 93% of compromised data is payment data; in education, 72% of data is personal. Credentials account for a huge 41% in the Information sector.
A good counter-threat strategy requires that the breaches are understood clearly. Each industry has a different mix of motives, origins and the kind of data that is targeted.
Since the security budget and resources are limited, they need to be channelized properly to optimize the effectiveness of the security strategy.
Depending on the nature of threat, the companies will not just be able to identify the investment priorities, it may also help an entire industry segment to come together to minimize certain threats. In areas like healthcare and public administration, a collaborative approach may be more effective than siloed approach.
DBIR 2018, based on analysis of over 53,000 real-world incidents including 2,216 confirmed data breaches, has proven beyond doubt that the security issues are not as secular across industries as they have been thought out to be.