See what I did there?  😉  If you’ve been following my blogging for several years, you know that I like to cover the Verizon Data Breach Investigations Report (DBIR) every year, which analyzes the reported cybersecurity and data breach incidents for the year.  Did you think a new blog was going to change that?  🙂

The 2020 DBIR report just came out – a little later than usual (understandably) – and it may be the largest report yet!  This is the thirteenth year of the report and the sixth year I’ve covered it.

The report, as always, starts with an interesting quote.  This year’s quote was “Experience is merely the name men gave to their mistakes” (from Oscar Wilde in The Picture of Dorian Gray).  Hey, that sounds familiar!

And, in case you’re wondering what all those squares represent in today’s graphic, they’re not a TV screen test pattern.  They represent a subset of the 3,950 breaches that were identified by Verizon this past year (because all of the squares won’t fit).  Each of the squares is organized by the 16 different industries and four world regions they cover in this year’s report. In addition to that, Verizon also analyzed a record total of 157,525 incidents this year.  Here is how those numbers compare to the past two years:

• 2019: 41,686 incidents and 2,013 confirmed data breaches
• 2018: over 53,000 incidents and 2,216 confirmed data breaches

So, this year had almost twice as many data breaches and almost three to four times the number of incidents as the past two years.  Wow.

This year’s report is also 119 pages (as opposed to 78, 68 and 76 the last three years).  So, it’s very comprehensive.

Here are a few other notable stats:

• 45 percent of breaches featured Hacking;
• 70 percent of them were perpetrated by External actors;
• 86 percent of breaches were financially motivated (15 percent higher than last year);
• 81 percent of breaches were contained in days or less (that’s in stark contrast to the stat from two years ago where 68 percent of breaches took months or longer to discover).  Does that mean that organizations are much better able to identify breaches early?  We’ll see.

As always, the report is chock full of graphics and statistics which makes it easier to read than the size of the report indicates. You can download a copy of the report here.  Though at 119 pages, it may still take a while.  You might need a Snickers bar, just sayin’…  😉

So, what do you think?  Have you ever experienced any data breaches, either personally or professionally?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.