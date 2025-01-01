Heavy duty work phone

Rugged Phones, Tablets & Devices Business

Better manage risks in extreme conditions. Connect and collaborate virtually anywhere with durable, rugged and ultra-rugged phones and tablets built for outdoor and harsh environments. Give active workers peace of mind when they're on the go. With dust and water resistance, these durable devices offer additional protection from the elements and unexpected bumps and drops. Epic for business. 3,900mAh battery and up to 25W Super Fast Charging. capability means you can stay in the moment without worrying about your battery. Plus confidently take on whatever your day brings with Galaxy S23 Series — fortified with Samsung's toughest glass and metal frame available. Wave goodbye to worry with Gorilla Glass 8 and Armor Aluminum, built to resist scratches and spills. IP68 Rated. Capture scribbles, strokes of genius and everything in between with the built-in S Pen. Galaxy S23 Ultra gives you the power to push through a packed work schedule. Thanks to its 5,000mAh battery and 45W Super Fast Charging 2.0. Plus confidently take on whatever your day brings with Galaxy S23 Series — fortified with Samsung's toughest glass and metal frame available. Wave goodbye to worry with Gorilla Glass 8 and Armor Aluminum, built to resist scratches and spills. IP68 Rated. See more, do more with an expansive, foldable screen With an all-day battery and super fast charging. Confidently take on your workday with the water- and scratch-resistant, durably designed Galaxy Z Fold5 — and keep your business running. Stylish and sturdy. Work without worry. All-day battery for a jam-packed schedule, plus Galaxy Z Flip5 is engineered to withstand the test of time without sacrificing its sleek, innovative design. Worry less knowing your device is water-resistant and that its ultra-durable hinge lets you fold and unfold without wear. Plus, Galaxy Z Flip5 is scratch-resistant and framed with Armor Aluminum — so it's ready to go wherever work takes you. When your workforce needs long battery life in harsher environments, we've got you covered. Temperature, dust, shock/vibration, and low pressure/high altitude are no match for these rugged phones and tablets, many with military grade certification. Work confidently with a durable design that withstands the drops and spills of your demanding work environment. MIL-STD-810H certified with IP68 rating. Long-lasting, Fast Charge replaceable battery. Programmable hot keys to access your most used apps, like Push to Talk Plus. Microsoft and Google Integrated. On-the-go teams can navigate this intuitive, 10.1" touchscreen, even wearing work gloves. Or connect to a keyboard and mouse like a PC. A durable and water-resistant design withstands drops, spills and extreme heat and cold. Slim and lightweight but heavy on durability. Wireless, Fast Charge battery with over 26 hours of battery life. 5G Ultra Wideband speeds and low latency. MIL-STD-810H compliant and IP68 rating for dust and water immersion protection.Push to Talk Plus and MCPTT capable. These ultra-rugged phones are designed for high performance in the harshest conditions. Help frontline workers and first responders be prepared for extreme environmental stressors including excessive heat and cold, noise, humidity, vibration and shock. The latest ultra-rugged smartphone from Sonim designed and built for those who can withstand any workday. Tested and validated to MIL-STD-810H, it offers a level of toughness rarely seen in a smartphone with Non-Incendive Class I, II and III Div 2 ratings. All-new X-frame reinforced construction with corner bumpers, and a non-slip texture for secure grip. MIL-STD-810H compliant, IP68 rated and hazardous location protection. Features include scratch & shatter-resistant display engineered for outdoor visibility, an ultra-durable, removable battery, programmable keys and loud, stereo front-facing speakers. Push-to-Talk Plus and MCPTT capable. Take photos and video even in extreme conditions with up to 56 hours of battery life. MIL-STD-810H compliant, IP68 rating and hazardous location protection. Programmable Push to Talk, SOS, Speaker and Stop keys. Dual loud-speakers and dual-mic noise cancellation for loud, clear audio. Ultra-rugged flip for those who produce, provide and deliver. MIL-STD-810H compliant with IP68 rating. ProgrammablePush to Talk Plus and emergency buttons, loud and clear audio speaker, and large, glove-friendly keypad. Rugged phones and tablets are designed to withstand environmental hazards such as dust, water and shock and often feature a tough frame, glass protection and a longer battery life with fast, wireless charging. Verizon offers three levels of rugged devices with increasing levels of durability in extreme conditions:,Durable: Ideal for lighter-duty activity and environmental exposure when on the go. These devices often have a IP68 rating or IPX8 rating for dust and water resistance, and are built to resist scratches with tough glass and strong metal frames. Rugged: When you need to rely on a long battery life and increased protection against more extreme temperatures, dust, shock/vibration, and low pressure/high altitude. Many devices in this category have been rigorously tested and are MIL-STD-810H compliant with an IP68 rating. A device with an Ingress Protection (IP) rating means it has been tested against small particles, such as dust and sand, and submersion in water. An IP rating with "6" as the first numeral (on a scale of 0-6) is the highest rating possible meaning the device is impervious to dust, or dust tight. An IP rating with an "X" instead of a numeral means the device hasn't been certified against dust but doesn't mean it isn't dust resistant. The second numeral, "8" (on a scale of 0 to 9) means the device is highly protected from immersion in water with a depth of more than 1 meter (manufacturer must specify exact depth) for at least 30 minutes. The MIL-STD-810H certification means a product has passed rigorous testing focused on nearly 30 environmental conditions. These military-grade devices are verified to perform in extreme conditions and qualify as heat-resistant, water- and dust-resistant, and shock-resistant. Verizon 5G service offers rugged device users high speed, low latency so you can access data fast, for better insights and efficiency. Needs will vary across industries and businesses. Just as with a personal phone, you will likely need to consider the basics such as how much data storage you need, the size and portability of the device as well as features such as wireless charging and photo or video capabilities. Then, consider the usage environment to determine if you need a durable, rugged or ultra-rugged device. Consider:,Could the environment cause damage if the device is dropped?,What are the weather and temperature conditions?,Is the device likely to be exposed to extreme temperatures, rain, or snow?,Will you need to operate the device with gloves on?,Will the device be used in a frontline situation?,How critical is a replaceable battery to your worker's demands?,Having a device you can rely on in adverse conditions helps you and your teams stay connected, collaborate and get the job done. SOS and push to talk features also offer a safety lifeline even in challenging situations. Choose an ultra rugged cell phone when you need the utmost durability, reliability and long battery life in extreme, hazardous conditions. Options vary by manufacturer and device. Supercharging Digital Collaboration for the Mobile Workforce

Adam Holtby | Principal Analyst,The world of work has experienced many social and economic disruptions over the past few years. These disruptions have been further compounded by numerous business technology changes including the rise of artificial intelligence (AI), the transition to digital-first communication and collaboration, and the enabling of hybrid working at great speed and scale. Mobile is at the core of these changes, and the need to enable more mobile-centric work has become an important mandate for businesses across all industries. Embracing a mobile-centric approach to work requires businesses to address not just technological aspects and practices that guide how work gets done. Business leaders must remember that it is not just the locations people work from that have changed; the fundamental nature of work has also been subject to disruption. As more employees engage in work away from the traditional office, businesses must establish a technology and support infrastructure that enables, secures, and empowers every worker, regardless of their location. With the growing importance of digital and mobile-first channels for collaboration and engagement, businesses must swiftly adapt to meet evolving employee expectations. Failure to do so can result in tangible operational, regulatory, and financial ramifications. This mobile transformation journey is not one that businesses should walk alone. Recruiting the support of experienced digital partners will be instrumental to success. These partners must deliver the technical capabilities and expertise that businesses need to be successful. Solutions spanning mobile connectivity, mobility management, security, productivity, and collaboration will all be important instruments of success. Given the complexity of business mobile-centric initiatives, organizations should also look for partners that can help them navigate the tactical challenges they may face. Technical support programs, consistent engagement, and professional services will be pivotal elements of these partnerships. The data and insights discussed in this report are derived from the 2023 Business Mobile Collaboration survey, a collaborative study between Omdia and Verizon. In addition to being a fundamental element of modern work, mobility has evolved to become a vital enabler of business communication and collaboration. With its growing significance in modern business and digital experiences, there is a heightened demand to empower and enable a more mobile workforce. The 2023 Business Mobile Collaboration survey explored the role of mobility in modern organizations. The survey was structured to unearth the important communication, collaboration, and productivity trends driving business mobile initiatives in organizations of various sizes and across numerous industries. Digital capabilities are becoming increasingly important in empowering employees across the entire business, from back-office knowledge workers through frontline workers who are often closest to those consuming the products or services delivered by the business. Though information workers are often those most strongly associated with conversations around digital transformation, the reality is that true success comes from enabling as many workers as possible with transformative digital technologies, including mobile capabilities. Mobile devices and apps have the potential to transform work for every employee, so a focus on the entire workforce is vital when a business embarks on a mobile initiative. This is especially important when we consider the significant number of employees that occupy frontline worker roles. As Figure 1 shows, more than half the population of the total workforce are frontline workers. The proportion of frontline workers relative to information workers is even more pronounced in industries such as healthcare (63%), manufacturing (60%), and retail (63%). Because frontline workers make up such a large segment of the overall workforce, businesses have an opportunity to enhance operational efficiencies and transform frontline work by providing these workers with new digital capabilities. Mobile devices and apps are of particular importance to frontline workers because many of these employees operate away from a traditional desk and perform their duties across diverse locations. Ensuring that frontline workers have access to mobile capabilities that foster collaboration and enhance productivity becomes paramount. Mobile should not be a digital business capability limited to a select few or corporate VIPs; rather it should be democratized and made accessible to all employees, enabling widespread benefits across the organization. Source: 2023 Business Mobile Collaboration survey,Employees who are often the closest link between a business and those consuming its products and services. Includes retail, construction, healthcare sales representatives, manufacturing operators, etc. Employees who often work in centralized back-office roles and do not have direct engagement with customers or those consuming services the business produces (IT, marketing, HR, finance/accounting, etc)Source: 2023 Business Mobile Collaboration surveyAccording to the survey, 60% of the workforce currently use a mobile device for work purposes. This number is consistent across businesses in different industries and of all sizes. With such a substantial number of employees reliant on mobile devices, it is imperative for businesses to ensure that connectivity is seamless and that collaboration and productivity across these devices is optimal. A critical factor in achieving this goal is ensuring mobility is not an afterthought when it comes to businesses' application and workflow design. Mobile use cases must be at the core of the collaboration and productivity experiences that businesses are delivering to employees. Improving system access and usability across mobile is a crucial step in providing the best possible employee experiences. Our research also shows that employees across frontline and back-office operations are reliant on a diverse set of mobile devices and capabilities to get work done. This data shows that frontline and information workers have different preferences relating to the primary devices they would like to use for work purposes. 60% of the workforce currently use a mobile device for work purposes,The change in work styles and locations embraced by many employees over recent years has also brought about a more mobile and digital-first nature to the way people communicate and collaborate at work. As the data in Figure 3 shows, business leaders feel that making collaboration more seamless and compatible with hybrid work styles will deliver important benefits. It is evident that business and IT leaders see frontline and information workers benefiting differently from mobile collaboration capabilities. For frontline workers, improving task efficiency—which drives increased productivity—and customer service are the most important benefits identified. These benefits are aligned closely to the profile of frontline workers, specifically how these employees often work closely with customers in roles that often have clearly defined and often repeatable tasks. For information workers, the mobile collaboration benefits that leaders are looking to realize include improving access to business information and resources and advancing communication between internal employees. Again, these aspirations are closely aligned to the characteristics of information workers, who rely heavily on business information and resources and often work in centralized and sometimes siloed business functionssuch as IT, HR, finance, and marketing. It is important that businesses acknowledge there is no dominant universal benefit of improving collaboration; different employees will benefit in different ways. Communicating, and improving business understanding of, the diverse set of benefits associated with a mobile collaboration initiative is important to gain corporate buy-in and support but also to enhance adoption and utilization of the technologies that will ultimately support any initiative. What do you feel will be the most important benefit of improving mobile collaboration within your organization?,Note: n=300,Strategically, business leaders are looking for investment in collaboration tools to help improve operational efficiencies and employee productivity and to strengthen the relationships they have with customers (See Figure 4). Reducing costs was another important identified priority. Businesses often have investments in a diverse estate of different communication and collaboration capabilities that extend across fixed, mobile, and digital apps. Consolidation and rationalization here can help organizations reduce costs associated with communication and collaboration capabilities. What are the top strategic outcomes your organization is trying to accomplish through its communication and collaboration tools and services?,Improve operational efficiency,Improve customer interactions and relationships,Improve employee productivity,Omdia advises businesses to place mobile at the core of a communication and collaboration strategy going forward. Business use of mobile devices and collaboration capabilities via these devices is more secure than ever, and these technologies are also more readily accessible to different types of workers. This sentiment is shared by businesses, with the majority identifying that improving access to digital collaboration capabilities via mobile devices will be a priority over the next 18 months. In addition to improving collaboration, businesses are also prioritizing improvement of employee productivity across mobile. This underscores businesses' belief in the way mobile devices and apps are becoming key enablers of positive digital experiences. Generative AI is also poised to play an important role in this context, specifically in the way the technology will help improve how employees interact with productivity applications, including word processors and spreadsheet tools, many of which were not natively designed with mobile in mind (See Figure 5). Note: n=300,Advancing workplace mobility delivers productivity and employee experience benefits, but it also presents businesses with new challenges, notably around security. Our survey shows that, in addition to BYOD security, businesses also see connectivity as a significant challenge that will be important to overcome over the next 18 months.Improving understanding of employee productivity and ensuring effective communications across mobile are other notable challenges (See Figure 6). The focus on securing BYOD activity highlights the importance of businesses having a bimodal approach where both corporate and personally owned mobile devices can be effectively managed and secured. There is certainly a resurgence happening around BYOD. According to business leaders, BYOD is now the most popular provisioning and management model for smartphones, with just under half of organizations (44%) saying it will be the preferred approach going forward. This surpasses the 32% of businesses that would prefer a corporate-liable approach to smartphone provisioning and security. Despite the resurgence of BYOD activity, it is evident that organizations still have concerns over how to secure it. Help here, in the form of both new technologies and security expertise, will be important. What will be the most challenging aspect of mobile working for your organization over the next 18 months? (top four responses only),Securing an employee BYOD program,Ensuring employees have the mobile connectivity they need to work effectively,Ensuring employees can effectively communicate and collaborate across mobile,Understanding how productive employees are,Workstyle adaptations and a change in employee preferences to work in a more mobile fashion are also set to increase demand for mobile collaboration services. Just under half (43%) of business and IT leaders said they expect demand to increase over the next 18 months, and just 7% believe demand will decrease (See Figure 7). The increased investment many businesses have planned is indicative of the importance leaders are attaching to mobile capabilities and services in enhancing overall employee collaboration. Optimizing experiences across mobile has become of paramount concern for organizations. In addition to making collaboration more seamless and intuitive across mobile, businesses must also focus on optimizing processes and applications to align with mobile use cases. This is especially important for employee support processes, because being able to access and engage with technical and other support workflows is crucial. Additionally, and as more work takes place across mobile, it is important that mobility management and security tools become an important part of the new digital infrastructure being created by businesses. Having a unified way to manage and secure mobile devices and apps alongside a more traditional PC estate is one way in which infrastructures are evolving to become more mobile centric. Ensuring employees have seamless connectivity across different locations and devices is another important consideration. Businesses are recognizing the significance of establishing a cohesive mobile strategy that not only enhances collaboration but also optimizes processes, fosters security, and promotes seamless connectivity across the entire organization. How do you feel demand for mobile collaboration services will change in your business over the next 18 months?,Note: n=300,We also asked business and IT leaders what they felt the two top areas of impact would be should their organization decide not to invest in mobile collaboration capabilities. Respondents said that business operations and employee collaboration would suffer the most negative consequences. Just over half (51%) of respondents felt that business processes and working practices would be damaged, with 45% of respondents highlighting employee collaboration as an area of potential concern. The implications of overlooking and failing to act on the mobile collaboration opportunity extend beyond just strategic considerations; there are also financial and regulatory repercussions should businesses get things wrong. Almost two-thirds (63%) of respondents cautioned that their business would face financial or regulatory penalties if sensitive business information and communications were unsecured, via personal messaging applications, for example. In an era when employees can communicate via a diverse range of devices and apps, it is important thatbusinesses cater to employee collaboration preferences. Striking a balance between having robust security measures and delivering great employee experiences can be challenging, but it is crucial. If employees feel the collaboration experience delivered by their employer is suboptimal, they may resort to personal options that lack appropriate business governance and security. This poses a considerable challenge for organizations that need stringent oversight and governance controls over business communications for auditing purposes. This issue is particularly critical for businesses in heavily regulated industries, where failure to adequately govern employee communications has resulted in significant financial penalties being imposed. Which of the following would be most affected if your organization chose not to invest in mobile collaboration capabilities?,Note: n=300,Business processes & working practices,Employee collaboration,Customer interactions,Would your company face financial and/or regulatory penalties if sensitive business information and communications were shared on a mobile device in an unsecured way?,Note: n=300,The increased demand expected by businesses for mobile collaboration services over the next 18 months is also affecting strategic mobility investment plans. Our research shows that just 9% of businesses will look to decrease overall investment in workplace mobility, and 50% are looking to invest in new mobile collaboration capabilities. This is an encouraging finding, especially given the challenging global economic climate. Business mobile ecosystems comprise myriad technologies that collectively empower organizations to effectively manage, secure, and facilitate mobile work. As a more mobilecentric approach to work becomes more prevalent, businesses are focusing on investing in mobile capabilities that strengthen the overall digital infrastructure. Our research indicates that businesses are planning to invest in a combination of different mobile collaboration capabilities over the next two years. Capabilities including AI-based support agents on mobile, native mobile dialer and collaboration app integration, rich text communication services, and secure communications on BYOD are all investment priorities for businesses. Will external economic factors and/or internal financial factors influence your investments in workplace mobility?,Note: n=300,Plan new investment,Investment will stay the same,Decrease,The growing business interest in enhancing how mobile calling and messaging are more richly converged into collaboration apps is representative of a broader trend that is gathering momentum. Use of collaboration apps across PCs has accelerated at great speed and scale over recent years. Platforms such as Microsoft Teams, RingCentral, Zoom, and Webex have become important tools for employees that not only help them communicate better but also enhance how they interact with important work resources. However, integration between these in-app collaboration capabilities and native mobile features could be improved, specifically around calling and messaging. A lack of convergence here can damage employee experiences and expose businesses to security risks. Improving integration between these over the-top collaboration apps and native mobile calling and messaging capabilities will help make communication more seamless and accessible. Key benefits of this more converged communication and collaboration approach include:,Enable mobile AI-based customer/employee support agents,Seamless call transfer between native mobile dialer and collaboration apps,Rich text communication services (RCS, iMessage),Enable corporate communications on personal employee devices (BYOD),What is the primary metric/indicator you will use to track how mobile is affecting overall business collaboration? Showing top four of eight total response options,Note: n=300,Though it is crucial to have strategic aspirations and the necessary technology in place, it is equally important for businesses to establish appropriate measures of success to assess the effectiveness of their mobile collaboration initiatives. Surprisingly, 17% of businesses are not currently tracking the impact of mobile on overall business collaboration. Across the manufacturing and retail industries, the proportion failing to track progress is even greater: around a quarter of businesses currently have no measures in place. Among those organizations that do have some form of measure or indicator in place, employee productivity improvements and better communication between employees, customers, and partners are the most common indicators relied on. In order to comprehensively assess the progress of any mobile collaboration initiative, businesses will need to rely on a combination of quantitative and sentimentbased indicators. Employee experience and satisfaction, collaboration solution adoption and utilization, and collaboration across mobile are examples of indicators businesses are using to gauge success and potential improvement opportunities. Which type of partner/supplier do you feel is best suited to support your workplace mobility goals?,Note: n=300,(e.g. AT&T, T-Mobile, Verizon),(e.g. Microsoft, Google, VMware),(e.g. Presidio, Avanade),(e.g. CDW, TD Synnex, etc.),In addition to the opportunities, business mobile initiatives also present many new challenges. Adopting the support and expertise of experienced digital partners will be important to success. It is mobile operators that most businesses feel are best suited to supporting their workplace mobility goals. Mobile operators occupy a unique position in delivering the diverse range of mobile capabilities businesses need to become truly mobile centric. These capabilities span cellular connectivity options, mobility management, and security solutions; mobile productivity; and collaboration. The strong pull businesses have to mobile operators is also largely in part attributable to the priority attached to mobile network coverage. This is evidenced when we analyze the capabilities and criteria organizations prioritize when selecting a business mobility partner. Here, it is pricing, network coverage and quality that businesses view as the most important mobile partner capabilities. A partner's security and privacy competencies and capabilities, in addition to the strength of features and functionality of any solution, are other important criteria. It will be important for mobile operators to further strengthen business awareness around the mobile capabilities they deliver beyond just connectivity. In addition to mobile and security solutions, supporting businesses in converging collaboration capabilities around mobile will be important for mobile operators. What are your top two criteria for selecting a business mobility partner/provider?,Note: n=300,Work-style evolutions and changing employee demands have put mobile at the top of the digital agenda. Many employees now rely on mobile technologies, but business workflows and processes must evolve around mobile use cases. Businesses must become more mobile centric in delivering better employee experiences and improving operations. A cohesive strategy and putting mobile at the core of the new digital-first infrastructures businesses are building are vital. If the mobile solutions and programs offered by a business are suboptimal, employees will gravitate to personal and less secure options. The implications for organizations can be costly, especially when sensitive business communications are shared via unsanctioned communication channels. Businesses need to work with the appropriate solutions and leverage the expertise of partners that can help them navigate these risks. Employees are increasingly collaborating across a range of different communication options, including mobile devices, collaboration apps, and tethered phones. DBIR Report 2023 - Results and Analysis - Intro Business

The information provided will be used in accordance with our terms set out in our . Please confirm you have read and understood this Notice. By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our . California residents can view our . Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time. Indicates a required field. The content access link will be emailed to you. You will soon receive an email with a link to confirm your access, or follow the link below. You may now close this message and continue to your article. Hello friends, and welcome to the "Results and analysis" section. This is where we cover the highlights we found in the data this year. This dataset is collected from a variety of sources, including our own VTRAC investigators, reports provided by our data contributors and publicly disclosed security incidents. Since data contributors come and go, one of our priorities is to make sure we can get broad representation on different types of security incidents and the countries where they occur. This ebb and flow of contributors obviously influences our dataset, and we will do our best to provide context on those potential biases where applicable. As some of you may have noticed over the years, the incident data collection we do is based on the VERIS Framework. It has been the bedrock upon which our multiyear dataset has been built and is what allows us to be able to speak with confidence when trends in the attack landscape surface. Our dataset currently contains 953,894 incidents, of which 254,968 are confirmed breaches, and we can't wait to celebrate with you when we reach 1 million incidents!,In VERIS, the core categories we use to describe an incident are called the 4As: Actor (who), Action (how), Asset (where) and Attribute (what). An incident needs all these four to be "complete," even if at the end of the day some of those are unknown to the parties investigating the incident. Keep an eye out for our instructive callouts in each of those sub-sections giving more context on our VERIS categories. Let's go over the results for each one of these. Life can be scary and unpredictable, which is why we like to start our results discussion with the cozy and familiar Actor analysis. It really is true, as they say, that the only certainties in life are death, taxes and External actors. As Figure 11 demonstrates, External actors were responsible for 83% of breaches, while Internal ones account for 19%. It is worth reminding our readers that Internal actors are not only responsible for intentional harm in these cases, but they are also just as likely to be responsible for Error actions. Regardless, the clear frequency of External actors as instigators of breaches is a datapoint that has held steady ever since we started this gig. External threats originate from sources outside of the organization and its network of partners. Examples include criminal groups, lone hackers, former employees and government entities. This category also includes God (as in "acts of"), "Mother Nature" and random chance. Typically, no trust or privilege is implied for external entities. Internal threats are those originating from within the organization. This encompasses company full-time employees, independent contractors, interns and other staff. Insiders are trusted and privileged (some more than others). Partners include any third party sharing a business relationship with the organization. This includes suppliers, vendors, hosting providers and outsourced IT support. Some level of trust and privilege is usually implied between business partners. Note that an attacker could use a partner as a vector, but that does not make the partner the Actor in this case. The partner has to initiate the incident. Long-time readers of the report will be similarly shocked to learn that Financial motives still drive the vast majority of breaches (Figure 12), showing growth in relation to last year with a whopping 94.6% representation in breaches. If we look inside to see which external actors are the hardest working, the top performer is Organized crime (Figure 13). What is most interesting in Figure 13, however, is realizing that the internal variety of End-user shows up more often than the external variety State-sponsored attackers. Those organization employees are mostly involved in Misuse (read, internal malicious activity) and Errors (accidents), which suggests where we should be paying more attention on our day-to-day security management. This is relevant because we were expecting some increased activity in State-sponsored attacks, be it Espionage-related or not, due to the ongoing conflict in Ukraine. Even with anecdotal evidence of increased ideology or hacktivism-related attacks stemming from the geopolitical discussion, it really isn't making a dent in larger statistical terms. It is also worth noting that this kind of activity would also be unlikely to disrupt our average reader's organization. Action, as the name would imply, is what brings dynamism to our report. What dastardly deeds have the threat actors been up to? If you replied "ransomware," we'd say you have no imagination, but you would also be right. This pesky Malware variety has been holding our talking points hostage for years now, and we can't scrounge up enough cryptocurrency to pay the ransom!,Figures 14, 15, 16 and 17 describe the top Action varieties (what happened in more detail) and vectors (how those actions came to pass). attempts to intentionally access or harm information assets without (or exceeding) authorization by circumventing or thwarting logical security mechanisms. any malicious software, script or code run on a device that alters its state or function without the owner's informed consent. anything done (or left undone) incorrectly or inadvertently. employ deception, manipulation, intimidation, etc. to exploit the human element, or users, of information assets. use of entrusted organizational resources or privileges for any purpose or manner contrary to that which was intended. deliberate threats that involve proximity, possession or force. not only includes natural events such as earthquakes and floods but also hazards associated with the immediate environment or infrastructure in which assets are located. As expected, the charts are led by either first-stage or single-stage attacks, namely Use of stolen creds for breaches and Denial of Service for incidents. This is consistent with previous years. What is concerning, if unsurprising, is having Ransomware take over the second spot in incidents, now being present in 15.5% of all incidents. Meanwhile, the share of Ransomware did not grow in breaches and held steady (statistically, at least) at 24%. You can see the evolution of both in Figure 18. That almost a quarter of breaches involve a Ransomware step continues to be a staggering result. However, we had been anticipating that Ransomware would soon be hitting its theoretical ceiling, by which we mean that all the incidents that could have Ransomware, would have. Ransomware is present today in more than 62% of all incidents committed by Organized crime actors and in 59% of all incidents with a Financial motivation, so sadly there is still some room for growth. Eagle-eyed readers will notice the absence of Partner and Software update as action vectors for incidents this year, in contrast to last year's "software supply chainpocalypse." Instead, our collective Christmas was ruined by another Ghost of Technical Debt Past: the Log4j vulnerability popularly known as CVE-2021-44228. We will be spending some time digging into the Log4j vulnerability in the "System Intrusion" section, but it is worth noting that the presence of the Exploit vuln action has kept stable in incidents and is actually less prominent in breaches, dropping from 7% to 5%. So, did the collective security industry sacrifice its holidays for nothing?,Not quite. This is one of those cases where the alternatives are just more popular. Use of stolen creds, our current champion, increased its share from 41.6% to 44.7%, which more than accounts for the drop in Exploit vuln. More importantly, there was swift action from the community to spread awareness and patch all the different systems that had Log4j as a component. That surely helped avert a bigger disaster, so our success makes it look like it wasn't a big deal after all. In fact, Log4j was so top-of-mind in our data contributors' incident response that 90% of incidents with Exploit vuln as an action had "Log4j," or "CVE- 2021-44228" in the comments section. Granted, only 20.6% of the incidents had comments at all, so even if it can't fully represent the whole dataset, it certainly speaks to how significant the vulnerability was in late 2021 and early 2022 for the incident response teams. Finally, before I lose your attention, we should touch base on Loss. This action variety describes losing a physical device or media by accident and is often paired with the Carelessness action vector. It did show up fairly high in incidents. This is often because the data could not be confirmed as having been accessed and was therefore considered at risk rather than a breach. It is worth pointing out though that those were mostly concentrated in the data from some of our public sector contributors, where this sort of event is more tightly reported. Regardless, we know everyone was super excited about leaving the house again as the pandemic waned, but please keep an eye on your stuff when you go work from the coffee shop. In case you just wandered out of an Accounting 101 class, our Assets are more than the numbers that you list on the left side of your balance sheet. They encompass the entities that can be affected in an incident or breach and end up being manipulated by the threat actors for their nefarious goals. The callout box describes some of the most common top-level Assets in VERIS and some of the most common attack patterns that target them. Figure 19 has the breakdown of varieties of Assets affected in breaches, and the results are pretty much what would be expected given the focus of System Intrusion, Basic Web Application Attacks and Social Engineering as the top attack patterns this year. We can see a small fluctuation on the top three, as slightly less Servers were affected and slightly more User devices, but this order has held true for at least a couple of years, ever since Person overtook the second spot. Don't forget that in VERIS, people are assets too, and they are the "where" that is affected by social threat actions. a device that performs functions of some sort supporting the organization, commonly without end-user interaction. Where all the web applications, mail services, file servers and all that magical layer of information is generated. If someone has ever told you "the system is down," rest assured that some Servers had their Availability impacted. Servers are common targets in almost all of the attack patterns, but especially in our System Intrusion, Basic Web Application Attacks, Miscellaneous Errors and Denial of Service patterns. the folks (hopefully) doing the work at the organization. No AI chat allowed. Different types of Person will be members of different departments and will have associated permissions and access in the organization stemming from this role. At the very least they will have access to their very own User device and their own hopes and dreams for the future. Person is a common target in the Social Engineering pattern. the devices used by Persons to perform their work duties in the organizations. Usually manifested in the form of laptops, desktops, mobile phones and tablets. Common target in the System Intrusion pattern but also in the Lost and Stolen Assets pattern. People do like to take their little computers everywhere. not the concept, but the actual network computing devices that make the bits go around the world, such as routers, telephone and broadband equipment, and some of the traditional in-line network security devices, such as firewalls and intrusion detection systems. Hey, Verizon is a Telecommunications company, OK?,precious diluted data in its most pure and crystalline form. Just kidding, mostly thumb drives and actual printed documents. You will see the odd full disk drive and actual physical payment cards from time to time, but those are more rare. Common in the Lost and Stolen Assets pattern. Breaking the Asset varieties down further in Figure 20 showcases Web application and Mail servers on top, as would be expected, but it is interesting to see Person - Finance trending up from last year as we see a related growth in Pretexting social actions. We will be discussing those, and more specifically BECs, in the "Social Engineering" section of this report. As a parting note, we continue to see very small numbers of incidents involving Operational Technology (OT), where the computers interface with heavy machinery and critical infrastructure, as contrasted with incidents involving Information Technology (IT), where we keep our cat pictures and internet memes. Industries like Manufacturing and Mining, Quarrying and Oil & Gas Extraction + Utilities continue to be relatively well-represented in our dataset, but reports of actual impact on OT devices are still too few for us to meaningfully write about in this report. For those keeping track, we had a 3.4% showing of OT assets in breaches that declared their impact. In summary— keep your attention level high, given the potential impact when those systems are affected, but either those numbers are very low overall, or they just don't make it to our contributors' dataset due to national security concerns. When VERIS describes Attributes, it is directly referencing the CIA triad in information security (InfoSec): Confidentiality, Integrity and Availability. It's a tried-and-true method of understanding the potential impact of an incident by describing what properties of the asset were potentially affected. The next time you meet an incident responder in the wild, know that all that goes through their mind is, "Did the asset or a copy of the data get out the door" (Confidentiality), "was it changed from a known and trusted state" (Integrity) and "do we still have access to it ourselves?" (Availability). Please offer them a word of kindness and a beverage, because it is a very tortured existence. If you are feeling cold, they are cold too. One of the most interesting Attribute varieties we track year over year is the Confidentiality data varieties (Figure 21), or what kinds of data got out in a breach. Personal data represents Personally Identifiable Information (PII) from your customers, partners or employees, and it is the one that usually gets companies the most in trouble with regulators, as more and more privacy-related laws are passed around the world (although Medical data is a whole other ball of earwax). refers to limited observation and disclosure of an asset (or data). A loss of confidentiality implies that data were actually observed or disclosed to an unauthorized actor rather than endangered, at-risk or potentially exposed (the latter fall under the attribute of Possession and Control). Short definition: limited access, observation and disclosure. refers to an asset (or data) being complete and unchanged from the original or authorized state, content and function. Losses to integrity include unauthorized insertion, modification and manipulation. Short definition: complete and unchanged from original. refers to an asset (or data) being present, accessible and ready for use when needed. Losses to availability include destruction, deletion, movement, performance impact (delay or acceleration) and interruption. Short definition: accessible and ready for use when needed. Internal data and System data are usually byproducts of an extensive breach with multiple steps, as information from emails and documents are vacuumed up by threat actors. Credentials have really gained ground over the past five years, as the Use of stolen credentials became the most popular entry point for breaches. Of course, we still get specific data being beset, such as Medical, Bank account information and Payment card data. Those could be specific, targeted events or just be a part of the data that is acquired during a ransomware attack with data exfiltration. And just in case you are not tired of us moaning about ransomware, please enjoy Figure 22, where we can see another impact of the ransomware growth as the Obscuration of data became the most common availability impact variety, handily overcoming plain old Loss of data. One data variety really caught the DBIR team's attention this year: Virtual currency. We saw a fourfold increase this year in the number of breaches involving cryptocurrency from last year. That is a far cry from the days of innocence in 2020 and earlier, when we got one or two cases maximum each year. If our cartoon animal NFTs had these kinds of returns, we can assure you we would be living large and writing this report from our Lambos, not from our parents' basements. Figures 23 and 24 show the top action varieties and vectors in breaches involving virtual currency, and it is a fierce competition between Exploit vulnerabilities, Use of stolen creds and Phishing. These types of breaches fall between the actual coin networks or exchanges being breached via their applications and application programming interfaces (APIs), or phishing and pretexting activity on chat platforms (like Discord) of the coin communities, where after a simple click on a link, suddenly your wallet is not yours anymore. Having assets in virtual currency is a risky endeavor at best, even when there are no bad actors involved in rug-pulling.26 The added focus of threat actors on these types of assets doesn't make the landscape any easier. Our parting message is that unless security is taken seriously in those cases, we, in fact, are not going to make it. We certainly won't shut up about it,Not sure if we should be celebrating security incidents, but everyone loves a round number. Here's hoping being a millionaire doesn't get to our dataset's head, and they decide to join the "Great Resignation" and retire in some tropical tax haven. That's what they say, right?,OK, actually twice as likely. Huge win for anarchists and other state-abolishing ideologies, if you ask us. No, Mr. Bond, MI6 does not represent our average reader. Wouldn't you know, the moment we mention anything has not had relevance in our dataset, something new happens to remind us that change is the only constant. Best of luck for the teams responding to the 3CX supply-chain breach in late March 2023 as we close out this section. Make sure to keep copious notes so we can talk about it in a future edition of the report. Just rolls off the tongue, doesn't it?,Who here was working on the Y2K bug? Don't forget to schedule your shingles vaccine!,In everyone's defense, most of the data sharing happening here is machine-to-machine. Long gone are the days of artisanal, bespoke, VERIS-coded incidents for most of our contributors. For the extremely online folks, we apologize for the psychic damage. 