Global telecommunications firm Verizon has claimed that a large number of security breaches could be prevented if organisations were to utilise security patches as soon as they are released.
According to the company’s research, many existing vulnerabilities remain open because despite security patches being available for some time, they were never implemented.
The Verizon 2015 Data Breach Investigations report draws upon a survey of 70 contributing organisations, 79,790 security incidents and 2122 confirmed breaches across 61 countries.
The document is a culmination of 11 years’ worth of data and intends to provide a comprehensive view of data security in the market.
It also revealed that phishing remains a favourite tactic for cyber criminals – 23% of recipients open phishing messages, 11% then click on attachments and it takes 82 seconds from the start of campaign to first bite.
Malware too remains a significant threat and Verizon claims five malware events occur every second.
Half of organisations participating in the research discovered malware events during 35 or fewer days of being compromised last year.
“We continue to see sizeable gaps in how organisations defend themselves,” claimed Verizon Enterprise Solutions vice president of global security Mike Denning.
“While there is no guarantee against being breached, organisations can greatly manage their risk by becoming more vigilant in covering their bases.
“This continues to be a main theme, based on more than ten years of data from our Data Breach Investigations Report series,” Denning added.
Alongside an identification of most likely threats to hit an organisation, Verizon has also issued guidance on what can be done to prevent data breaches.
Advice includes increased vigilance, making people your first line of defence, keeping data on a ‘need-to-know’ basis, patching prompting, encrypting sensitive data, using two-factor authentication and not forgetting physical security.