The plague of enterprises leaving cloud storage holding private data unprotected is starting to show up in the security statistics and is one of the few attacks on the rise, according to the Verizon Data Breach Investigation Report for 2020.
That reality is both good and bad, said Gabe Bassett, senior information security data scientist at Verizon Enterprise. The bad news is that misconfiguration errors still exist. The good news is that companies are reporting these breaches more and quantifying the issue. "I don't think it is a case of enterprises making more errors as much as them being reported more," said Bassett.
And that's just to name a few. This figure in Verizon's DBIR report tells the tale and shows how misconfiguration errors are trending.
Also: SMBs see cyberattacks that rhyme with large enterprises due to cloud shift
From the report:
Errors definitely win the award for best supporting action this year. They are now equally as common as Social breaches and more common than Malware, and are truly ubiquitous across all industries. Only Hacking remains higher, and that is due to credential theft and use, which we have already touched upon. Misconfiguration errors have been increasing. This can be, in large part, associated with internet-exposed storage discovered by security researchers and unrelated third parties.
Verizon's DBIR report is based on 81 contributing organizations in 81 countries. Verizon analyzed 157,525 incidents. Of those, 32,002 met quality standards and 3,950 were confirmed data breaches.
At a high level:
Other key takeaways from the Verizon DBIR include: