This industry saw phishing attacks in 28% of breaches and hacking via stolen credentials in 23% of breaches. In incident data, Ransomware accounts for approximately 80% of Malware infections in this vertical. Educational Services performed poorly in terms of reporting phishing attacks, thus losing critical response time for the victim organizations.
819 incidents, 228 with confirmed data disclosure
Everything Else, Miscellaneous Errors, and Web Applications represent 81% of breaches
External (67%), Internal (33%), Partner (1%), Multiple (1%) (breaches)
Financial (92%), Fun (5%), Convenience (3%), Espionage (3%), Secondary (2%) (breaches)
Personal (75%), Credentials (30%), Other (23%), Internal (13%) (breaches)
Implement a Security Awareness and Training Program (CSC 17), Boundary Defense (CSC 12), Secure Configuration (CSC 5, CSC 11)