This year we collected 157,525 incidents and 108,069 breaches. That may sound impressive until you realize that 100,000+ of those breaches were credentials of individual users being compromised to target bank accounts, cloud services, etc. We break those out into the Secondary motive subset in the Incident classification patterns and subsets section. After filtering for quality and subsetting, we are left with the incidents and breaches in Table 1.
Our annual statement on what not to do with this breakout will now follow. Do not utilize this to judge one industry over another; a security staffer from an Administrative organization waving this in the face of their peer from the Financial sector and trash-talking is a big no-no. The number of breaches or incidents that we examine is heavily influenced by our contributors. These numbers simply serve to give you an idea of what we have to “work with,” and is part of our pledge to the community to be transparent about the sourcing of the data we use in the report.
Figures 51 and 52 come with yet another warning. The numbers shown here are simply intended to help you to get your bearings with regard to industry. The smaller the numbers in a column, the less confidence we can provide in any statistic derived from that column.