Security Assessment Tool for the Information Industry


Information Services

 

 

Request your free report

In both incidents and breaches, Web App attacks continue to rise in this industry, due to its dependence on external services and the internet. Attacks are generally split between using web exploits and stolen credentials to gain access, which makes patching vulnerabilities on time exceedingly important.

  • Total incidents

    5,741

    The number of security incidents (Nov 2018 to Oct 2019) analyzed in this sector in the 2020 DBIR.

  • Top three patterns

    Web Applications 

    Miscellaneous Errors 

    Everything Else 

    The top trends that emerged from this sector’s data (Nov 2018 to Oct 2019) in the 2020 DBIR.

  • Threat actors 

    67% External 

    67percent


    34% Internal 

    34 percent


    2% Multiple 

    2 percent


    1% Partner 

    1 percent

  • Actor motives 

    88% Financial 

    88 percent


    7% Espionage 

    4 percent


    2% Fun 

    2 percent


    2% Grudge 

    3percent


    1% Other 

    1percent

  • Data compromised 

    69% Personal 

    69 percent


    41% Credentials 

    41 percent


    34% Other 

    34 percent


    16% Internal 

    16 percent

Considerations

  • Small mistakes can mean big consequences

    All employees make mistakes from time to time—even the tech experts who run our information infrastructure. Errors were the second most common breach, with the most common error being Misconfiguration, when a system admin sets up a database on the cloud without securely configuring it.

  • Anticipate your attackers’ tricks

    The Information sector has fallen prey to same kinds of social engineering attacks that impact everyone else. Social engineering attacks were split relatively equally across phishing and pretexting. One of the pretexting techniques is the use of typo-squatted domains of partners to send existing email threads or request an update to something like a bank account.

  • Fast data is a tempting target

    Cybercriminals know the value of fast data speeds and full bandwidth to this industry, which is why they’re resorting more and more to DDoS attacks. These attacks can pack a punch, slowing and disrupting an organization’s services and capabilities.

See the latest trends in cybersecurity.

 

Explore the results of the 2020 Data Breach Investigations Report (DBIR) and see what patterns emerged across the thousands of security incidents, from companies both big and small.

 

See an overview of all trends

Read specific insights about your industry


  • 2020 dbir cover
  • Understanding the threats can help manage risk effectively

    The threats are real, the attackers motivated. But something stands between them and your organizations data: you and your security teams, with the insight, perspective, and tools to take action. You'll find that all right here.

    Download the report