Article Review Essay Example: Verizon Data Breach Investigations Report 2018

The Summary of the Article's Goal, Methodology and Findings

The Verizon Data Breach Investigation Report 2018 is aimed at providing significant insights into the trends as well as the evolution of the cybercrime through the analysis of the incidences in the last year. Through this, the report aims at helping business people and the society at large to learn from its past mistakes thereby developing a better understanding of what must be done in future.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

As part of the methodology used in this report, it is evident that al the incidents included in the report were individually and consequently converted into the VERIS framework to create a standard, anonymous aggregate dataset. Broadly, the VERIS framework stands for the Vocabulary for Event Recording and Incident Sharing. Besides, the method of collection and transformation differed among the contributors. Generally, the researchers broadly used three ways to accomplish the collection and conversation of the data collected. The three ways involved the firstly, a direct recording of the paid external forensic investigations as well as the related intelligence operations done by the Verizon through VERIS Web app. Secondly, a direct record by contributors through VERIS utilization and lastly the conversion of the existing schema of the contributors into VERIS.

The report integrates numerous findings. As part of the results, it was evident that 62% of the external data breaches originated from the organized crime groups. The 25.9% involved the internal data breaches that were caused by the system administration. This position contributed to a common insider threat. Further, the end users were also included in the data breaching activities and were believed to form an integral component of the dangers that emanated inside from 22.3%. The report also found that 58% of the data breaches were those that attacked the small businesses. In this way, the small businesses are the most stricken segment in the society. According to the report, 47 % of the manufacturing data breaches resulted from the motivation of stealing the intellectual property. Finally, the report revealed that about the 19.6% of the data breaches were those that intended to destroy the databases. In this way, the database became a major targeted enterprise asset. The major industries that were mainly focused on the breach included the healthcare, accommodation, public administration, retail as well as the finance. Undeniably, the major highlight and lesson taken from this report is a common refrain in the cybersecurity, but one that is repeated frequently to cause data breach frequently.

Article's most important findings and why they are important

A close look at the report shows that the Verizon provides industry-specific insights regarding the patterns of the attack, their actions and consequently the manner in which such incidences occur. Observably, the company first conducted the identification of 9 models that categorized the impacts of security within the past five years. The most important findings, in my view, were those that were related to the small businesses. The report proves that even though the small businesses may not be able to get the required and considerable attention that more significant data breach get, they experience the substantial data breaches across all sectors of the economy. It is undeniable to mention that the small business form integral component of the economy of any nation across the world. The inability and failure of the company to keep the information, individually the data customer information may cost the company millions of dollars in revenue lost as well as the fines. The impacts on the reputation are even more severe to mention. In reality, the small business must develop a proper understanding of the risks associated with the on-site data storage to learn about the effects of the security failures involved in the situations whereby the data breach has taken place.

The findings on the small businesses data breach are further vital because they provide the more profound insights to the managers of the small business about the possible impacts and risks they are likely to face. Primarily, the data breach in small companies will compromise the customers' data within the company. In the same way, the failure to keep the information safe may further complicate things within the new businesses whereby they could suffer a DDOS attack, which is the considerably distinctive type of malicious attack that may take down machines or even the entire network. Such attacks are made distinctively or indefinitely with the aim of disrupting the host's services. Small business must, therefore, view the data breach as a serious threat that should be dealt with by use of the proper security measures.

Assessment Regarding the Article's Contribution to the Field of Information Security

The most evident fact of the 2018 report is its role in contributing immensely to the field of the information security. Other than giving more profound insights regarding into the trends and the evolution of the cybercrime, the paper provides possible solutions and mechanisms through which the business manager can tackle the data breach issues in their companies. The report believes that making security a priority, conducting a risks assessment, developing an incident response plan, and consideration of the cyber insurance is vital in preventing the actual cases of the data breach as well as their impacts whenever they happen. Further, the articles encourage business people never to underestimate the importance of protecting sensitive data based on the roles played by the cybersecurity in this digital age.

Critique

As part of the report in the methodology, a report, several requirements must be established or met for a given entry to be eligible in the incidents breach corpus. Broadly, such entries must be confirmed security incidents that are defined within the contexts of confidentiality loss, integrity, or the availability. Other than meeting the threshold of the "security incident" the entry must be subjected for a quality assessment. While this aspect of the methodology constitutes the strength, the article does not provide comprehensive information regarding the treatment of the non-incident data within the context of the small businesses. The non-incident data integrate things such as the malware, patching, phishing, DDOS attack as well as other data types. In my view, this constitutes a significant limitation, which ought to have been addressed in a more detailed manner considering the security issues, factors and the infrastructures that affect the small business companies. Besides, the report should then discuss the relevant non-incident data and validate it against the knowledge of the contributor. Doing this will not only help provide vital insights regarding the information issues in small businesses but will also help unmask all the areas where the data breach are likely to emanate.

References

VERIZON (2018). Verizon Data Breach Investigations Report 2018. 11Th Edition Report