Getting actionable intelligence about the data breach landscape isn’t always easy. Fortunately, the annual Verizon Data Breach Investigations Report (DBIR) is an exception to the rule. Based on the tech firm’s incident response engagements, as well as those of numerous third-party partners, it’s as good an annual snapshot as you’re likely to get. This year’s report features analysis of over 22,000 security incidents, including 12,195 confirmed data breaches.
The big takeaway for 2025 is that threats are rising on multiple fronts. It reminds us that the average corporate attack surface remains extensive, human error is an ever-present and supply chains are a constant source of risk. Faced with such odds, the best way of mitigating threats to corporate data is to secure it at source.
Among the main trends highlighted in this year’s report are:
Breach rates in financial services and retail firms assessed in the report remained relatively stable compared to the previous year. In the former, threat actors were successful “about a third of the time.” Notably, in financial services, more breaches this year involved not just a financial motive but also one of espionage; indicating that more sophisticated actors may be targeting the sector. System intrusion, social engineering and “basic web application attacks” represented three-quarters (74%) of breaches.
In the retail sector, there was a notable rise in espionage-driven attacks compared to last year. As per financial services firms, organizations in this sector need to worry most about system intrusion, social engineering and basic web application attacks, which accounted for 93% of all breaches. In web app attacks, credential reuse by negligent employees was a major source of risk, Verizon says.
All of which points to one simple truth: threat actors have multiple avenues via which to reach sensitive enterprise data, and many techniques to get them there. Even when it comes to credential compromise, it’s more than simple username/password combos that they’re after. The report says that secrets related to web applications, CI/CD development environments, cloud infrastructure and databases were also targeted.
So how should IT and security leaders go about mitigating data breach risk? The first obvious step is to protect the data itself. The larger and more dynamic the data environment, the greater the need for automated tooling to continuously discover and classify such data, before protecting it in line with policy. In terms of protection, tokenization is increasingly favored as it allows enterprises to continue leveraging it in cloud-based analytics platforms without exposing it to compromise or compliance risk.
By all means, layer up defenses on top of this, including:
However, none of these steps is a silver bullet. They may deter rudimentary attacks, but not necessarily determined, sophisticated threat actors. That’s why, in order to mitigate data breach risk, it pays to adopt a mantra of data-centric security.
comforte is offering your business a 30-day free trial of comforte Data Discovery and Classification, which features a new SaaS console manager. During the period, you’ll get a close-up look at how the product works in situ, and obtain a detailed understanding of where security and compliance risk exists across the organization. Most importantly, you’ll be able to see how the product could help to streamline your PCI DSS 4.0 compliance processes.
Get in touch today to start your free trial. We’re here to take the pain away from PCI DSS compliance.