Phishing and credential theft associated with cloud-based mail accounts
have risen as the prominent attack types.
670 incidents, 157 with confirmed data disclosure
Top 3 Partners
Web Applications, Everything Else, and Miscellaneous Errors represent
81% of breaches within Professional Services
External (77%), Internal (21%), Partner (5%), Multiple parties
Financial (88%), Espionage (14%), Convenience (2%) (breaches)
Credentials (50%), Internal (50%), Personal (46%) (breaches)
Wide range of services, narrower range of threats
Professional Services is a broad category even by NAICS standards, and the members of its ranks include law offices, advertising agencies, and engineering and design firms to name only a few. Starting with a focus on the data lost in the 157 Professional Services breaches, Figure 56 gives us an idea of the types of data most commonly involved in these cases.