If you’re wondering why malware is still such a problem for security software companies to detect, it seems to be because attackers change the signature of their malicious code for almost every organization they target. That doesn’t mean they have to build it from scratch, though. They only have to change it enough that it looks different to signature-based scanning software.
Here are a couple of other interesting things about the state of enterprise data breaches that I learned from the 2015 Verizon Data Breach Investigations Report.
The Verizon report also found that ten vulnerabilities accounted for almost 97% of the exploits observed in 2014. What this tells me is that there is some “low-hanging fruit” that, if properly addressed by an organization, would have mitigated most of the risk it faces.
Verizon also did some estimations on the costs of a data breach that seem a little more practical and usable for many smaller organizations than the estimates published annually by Ponemon Institute. The Ponemon studies tend to deal with large organizations that have millions of sensitive records, where costs go into the millions of dollars for a breach.
Verizon estimates that for a breach of 1,000 affected records, the average total cost to the organization from the incident would be between $52,000 and $87,000 USD (or $52 to $87 per record). This is a metric that I think many smaller organizations might find more credible. However, the per-record cost for smaller breaches seems to be higher than for the larger ones.
So, the proportional effect on a small or medium-sized business from a security breach can be more severe than for larger organizations. Here’s a link to the 2015 Verizon DBIR.