Industries: Introduction
Please provide the information below to view the online Verizon Data Breach Investigations Report.
Thank You.
Thank you.
You will soon receive an email with a link to confirm your access, or follow the link below.
Thank you.
You may now close this message and continue to your article.
- 2024
- Summary of Findings
- Introduction
- Helpful Guidance
- Results and Analysis - Introduction
- Incident Classification - Introduction
- Industries - Introduction
- Accommodation and Food Services Data Breaches
- Educational Services
- Financial and Insurance Services
- Healthcare Data Breaches
- Information Industry Data Breaches
- Data Breaches in Manufacturing Industries
- Professional Services Data Breaches
- Public Administration Data Breaches
- Retail Data Breaches and Security
- Introduction to Regions
- Wrap Up
- Appendix
- Corrections
- Download the full report (PDF)
Greetings! If you are just stepping onto the DBIR scene, please consider this your orientation. For our more seasoned veterans, feel free to simply breeze past—this terrain should be familiar ground.
As mentioned previously, in this report we examined 30,458 incidents, of which 10,626 were confirmed data breaches. We will view both of these categories in a more granular fashion, along with how they played out in the various industries and regions, in the following sections of the report. As we have mentioned in previous editions, what keeps one industry tossing and turning at night may not even register as a blip on another’s radar. It boils down to attack surfaces—the prime real estate for cyber malfeasance. When you factor in the nuances of specific types of threat actors, the technological infrastructures underpinning each sector, the type of data an organization handles and retains, and how folks access and use that data, you’ve mixed a potent cocktail of security complexities.
For example, consider a tech behemoth swimming in the digital sea of mobile devices and their respective apps. Its risk profile looks markedly different from that of a boutique establishment relying on a point-of-sale system or a simple e-commerce platform supported by its vendor. Furthermore, these findings are also influenced by reporting requirements, which means that industries may experience varying levels of scrutiny from that perspective. Finally, smaller sample sizes for given industries are also an important factor that comes into play with regard to statistical analysis (smaller sample sizes result in lessened statistical confidence). Therefore, we ask readers to refrain from rushing to conclusions about an industry’s security posture based solely on incident reports.
If you are here for insights tailored to your industry, we recommend that you spend time looking at the top patterns for your industry and reading up on the relevant pattern sections of the report. Just to let you know, the DBIR aligns with the North American Industry Classification System (NAICS) to determine which industry an organization belongs to. More detail on this can be found in Appendix A.
Table 2. Number of security incidents and breaches by victim industry and organization size