Earlier this year Verizon, following cooperation with authorities including the US Secret Service, the Police Central eCrimes Unit of the London Metropolitan Police and the Australian Federal Police, released the alarming findings of its 2012 Data Breach Investigations Report.
It found that of all the data breaches that had occurred throughout 2011, 96 per cent of attacks were not of a highly difficult nature to execute, and that 97 per cent of breaches included in the study would have been avoidable had simple or intermediate controls been put in place.
The report also found that 96 per cent of data breach victims required to adhere with the Payment Card Industry Data Security Standard (PCI DSS) had not achieved compliance at the time of the reported incident.
Now Verizon has looked to investigate this issue further, by analysing statistics compiled as part of the aforementioned Investigations Report across a number of individual industries.
In a series of released October 24, Verizon looks closely at four different sectors in order to determine which ones are meeting their vulnerability management obligations, and which ones are falling short.
According to the Verizon RISK team managing principal Wade Baker, understanding the nature of data breaches and what happens when they occur is an important part of taking a proactive approach to cybersecurity.
said Mr Baker, in a statement issued October 24.
According to Verizon, the accommodation and food services industry has been particularly vulnerable to data breaches in recent years, largely due to the fact that Point of Sale (POS) systems used in this sector make an easy target for criminals.
The retail industry is also quite vulnerable to data theft attacks, with franchises and other SME businesses being the most at risk.
Verizon notes that employees are often partially responsible for breaches in this sector, by clicking on malicious links contained in phishing emails or otherwise enabling a hacker to gain unauthorised access to confidential company networks.
Snapshots were also offered of the financial and insurance and healthcare sectors, with Verizon noting that the former faces some in protecting information while emphasising the need for the latter to ensure PCI DSS compliance on all POS applications.
More than 850 data breach incidents were analysed as part of the initial 2012 Data Breach Investigations Report, from which the information contained within these industry snapshots was sourced.