
Data Breach Trends

2019 Data Breach Trend Analysis

https://info.securitymetrics.com/2019-data-breach-analysis

Results from 2018 SecurityMetrics Forensic Investigations

2019 Data Breach Trends

2019 PCI DSS Data Breach Analysis

SecurityMetrics Forensic Investigators have witnessed the rise and fall of popular attack trends over 16 consecutive years. 

Compared with previous years, in 2018 SecurityMetrics’ Forensic Investigators conducted more forensic investigations of e-commerce environments than of point-of-sale (POS) environments. For example, in 2018, approximately 80% of payment-card-related investigations were of e-commerce breaches, compared to 2017, when only 33% of investigations were e-commerce breaches.

The following data visualization is an analysis of SecurityMetrics’ Payment Card Industry Forensic Investigation results from 2018:


PCI DSS Requirements Implemented at the Time of Compromise

The following graphs show, for the compromised businesses we investigated, whether each requirement was in place at the time of compromise in 2018:

REQUIREMENT 1: Protect Your System With Firewalls

  • In place 75%
  • Not in place 25%
  • Unknown 0%

REQUIREMENT 2: Use Adequate Configuration Standards

  • In place 90%
  • Not in place 10%
  • Unknown 0%

REQUIREMENT 3: Secure Cardholder Data

  • In place 39%
  • Not in place 61%
  • Unknown 0%

REQUIREMENT 4: Secure Data Over Open and Public Networks

  • In place 82%
  • Not in place 0%
  • Unknown 18%

REQUIREMENT 5: Protect Systems with Antivirus 

  • In place 37%
  • Not in place 63%
  • Unknown 0%

REQUIREMENT 6: Update Your Systems

  • In place 35%
  • Not in place 65%
  • Unknown 0%

REQUIREMENT 7: Restrict Access

  • In place 82%
  • Not in place 18%
  • Unknown 0%

REQUIREMENT 8: Use Unique ID Credentials

  • In place 64%
  • Not in place 36%
  • Unknown 0%

REQUIREMENT 9: Ensure Physical Security

  • In place 67%
  • Not in place 33%
  • Unknown 0%

REQUIREMENT 10: Implement Logging and Log Monitoring

  • In place 33%
  • Not in place 67%
  • Unknown 0%

REQUIREMENT 11: Conduct Vulnerability Scans and Penetration Testing 

  • In place 27%
  • Not in place 73%
  • Unknown 0%

REQUIREMENT 12: Start Documentation and Risk Assessments

  • In place 20%
  • Not in place 80%
  • Unknown 0%

 

Non-compliance Contributed to Data Breach

The following list shows how noncompliance with each PCI requirement affected breaches for compromised organizations in 2018:

REQUIREMENT 1: Protect Your System With Firewalls

  • Contributed 22%
  • Didn’t contribute 78%
  • Unknown 0%

REQUIREMENT 2: Use Adequate Configuration Standards

  • Contributed 0%
  • Didn’t contribute 78%
  • Unknown 22%

REQUIREMENT 3: Secure Cardholder Data

  • Contributed 0%
  • Didn’t contribute 60%
  • Unknown 40%

REQUIREMENT 4: Secure Data Over Open and Public Networks

  • Contributed 0%
  • Didn’t contribute 82%
  • Unknown 18%

REQUIREMENT 5: Protect Systems with Antivirus

  • Contributed 62%
  • Didn’t contribute 38%
  • Unknown 0%

REQUIREMENT 6: Update Your Systems

  • Contributed 43%
  • Didn’t contribute 57%
  • Unknown 0%

REQUIREMENT 7: Restrict Access

  • Contributed 0%
  • Didn’t contribute 80%
  • Unknown 20%

REQUIREMENT 8: Use Unique ID Credentials

  • Contributed 23%
  • Didn’t contribute 77%
  • Unknown 0%

REQUIREMENT 9: Ensure Physical Security

  • Contributed 18%
  • Didn’t contribute 82%
  • Unknown 0%

REQUIREMENT 10: Implement Logging and Log Monitoring

  • Contributed 65%
  • Didn’t contribute 35%
  • Unknown 0%

REQUIREMENT 11: Conduct Vulnerability Scans and Penetration Testing

  • Contributed 67%
  • Didn’t contribute 33%
  • Unknown 0%

REQUIREMENT 12: Start Documentation and Risk Assessments

  • Contributed 70%
  • Didn’t contribute 30%
  • Unknown 0%


2018 FORENSIC TAKEAWAYS

  • The average organization was vulnerable* for 275 days

  • Cardholder data was captured* for an average of 127 days

  • Cardholder data was exfiltrated* for an average of 127 days

  • 50% of organizations were breached through remote execution/injection

  • 33% of organizations were breached internally (i.e., employee assisted)

  • 17% of organizations were breached through phishing emails

  • 57% of organizations had firewalls in place at time of compromise


TERMS TO KNOW

  • Vulnerable: A state in which a weakness in a system, environment, software, or website could be exploited by an attacker.
  • Captured: The time that data is being recorded, gathered, or stored from an unauthorized source.
  • Exfiltrated: The unauthorized transfer of data from a system.


2018 Data Breach Trend Analysis

http://info.securitymetrics.com/infographic-data-breach-visualization-2017

Results from 2017 SecurityMetrics Forensic Investigations

2018 Data Breach Trends



2017 Data Breach Trend Analysis

http://info.securitymetrics.com/2016-data-breach-trends

Results from 2016 SecurityMetrics Forensic Investigations

2017 Data Breach Trends

