PRO+ Premium Content/Information Security

Editor's note: this is part two of a two-part series covering the Verizon DBIR 2017. You can read part one, regarding the rise of ransomware and pretexting here. A growing theme across the recent years of the Verizon Data Breach Investigation Report (DBIR) is how the lack of basic cybersecurity plays a part in many of the breaches and security incidents every year, but Verizon suggested vulnerability patching may not be as impactful as once thought. Dave Hylender, senior risk analyst at Verizon Business, told SearchSecurity the aim of the Verizon DBIR was to focus on the data and to "keep opinion out of it" whenever possible, because it could be difficult to give cybersecurity recommendations to the diverse audience of the DBIR. However, experts noted that the data alone was enough to highlight basic cybersecurity practices that were failing, such as limiting password reuse and implementing multifactor authentication (MFA). According to the 2017 Verizon DBIR, 81% of breaches leveraged "stolen passwords and/or weak or guessable ...