Verizon’s 2019 Data Breach Investigations Report (DBIR) is probably this year’s second-most anticipated report (after Robert Mueller’s). Now in its 12th edition, the security report details more than 2,000 confirmed data breaches in 2018, drawn from more than 70 reporting sources and an analysis of more than 40,000 separate security incidents.

What sets the DBIR apart is that it combines breach data from multiple sources using the common industry collection, VERIS, a third-party repository where threat data is uploaded and made anonymous. This gives the report a solid authoritative voice, which is one reason why it’s frequently quoted. Report citations also come from vendor telemetry sources, so it is also a bit self-referential. 

I’m calling these megatrends because they are big issues, and my intent is to provide a larger context. I broke them into two distinct groups: one where there is general agreement between the DBIR and other sources, and one group where opinions are mixed. Read the report to determine what applies to your specific situation, but in the meantime, let’s take a look at the big six.

Three commonly agreed-upon trends  

The C-suite has become the weakest link in enterprise security. This is especially true as general phishing success continues to decline. Executives are up to 12 times more likely to be the target of breaches than in the past, largely through the use of better spear-phishing techniques. The report cites a range of rates depending on the particular vertical market for the business involved. For example, executives in professional services firms are six times more likely than other executives to be spear-phishing targets.  

“A successful pretexting attack on senior executives can reap large dividends as a result of their—often unchallenged—approval authority and privileged access into critical systems,” according to the DBIR. CrowdStrike agrees with the trend in its 2019 Global Threat Report, citing several well-known malware campaigns conducted by a variety of North Korean, Russian, and Chinese state-sponsored agencies.

“Increasing targeting of C-level execs is the new reality, and [these executives] must make sure that the critical data is secured where it is stored,” says Dan Tuchler, chief marketing officer at SecurityFirst. 

Senior executives are also more likely—by wide margins—to be targets of breaches that involve attacks that use social media ploys. “The drastic increase in social attacks on C-level personnel points to the increased demand for cybersecurity awareness in the C-suite,” says George Wrenn, founder and CEO at CyberSaint Security.

IT takeaways: Use periodic security awareness training. Set up treasury and payment processing duties with two-party signoffs and multifactor authentication (MFA) protection on these users’ accounts. Also, spend more time understanding how to better protect your executives.