Abstract

Welcome to the 2014 Data Breach Investigations Report (DBIR).1 Whether you’re a veteran reader who’s been with us since our initial publication back in 2008 or a newbie to our annual data party, we’re sincerely glad you’re here. We hope that this year’s submission will improve awareness and practice in the field of information security and support critical decisions and operations from the trenches to the boardroom. For DBIR veterans, a cursory look at the table of contents will reveal some significant changes to the report structure you’ve gotten used to in years past. Rather than our signature approach organized around actors, actions, assets, timelines, etc., we’ve created sections around common incident patterns derived directly from the data itself (more on that later). Within each of those patterns, we cover the actors who cause them, the actions they use, assets they target, timelines in which all this took place, and give specific recommendations to thwart them. The drive for change is three-fold: first, we realized that the vast majority of incidents could be placed into one of nine patterns; second, we can (and did) draw a correlation between these incident patterns and industries; and third, we wanted to challenge ourselves to look at the data with a fresh perspective. The ultimate goal is to provide actionable information presented in a way that enables you to hash out the findings and recommendations most relevant to your organization.

Links

• https://www.researchgate.net/publication/289254763_2014_Verizon_Data_Breach_Investigations_Report

Citation

Verizon, 2014. 2014 Data Breach Investigations Report (Verizon DBIR Research Report). Verizon.