It's a first place prize you actually don't want to win.
But according to BakerHostetler's sixth annual Data Security Incident Response (DSIR) Report, phishing continues to earn the award.
With metrics from 950 cyber incidents handled last year by the firm, you know these insights are comprehensive. The DSIR Report analyzed incidents impacting entities of all sizes and industries, including healthcare, finance, insurance, education, professional services, energy, government, manufacturing, technology, retail, and hospitality.
Phishing schemes are still the number one cause of a cybersecurity incident.
"For the fifth year in a row, phishing remained the leading cause of incidents at 38%, followed closely by network intrusion at 32%. The remaining top causes were inadvertent disclosure (12%), stolen/lost devices or records (8%) and system misconfiguration (5%)."
The more interesting piece uncovered during the report is what happens after the phishing attack. If one of your end-users clicks a malicious link, then what?
The incidents studied found falling for a phish led to the following :
Based on the incident response of its clients, the law firm says average security investigation and forensics costs dropped in 2019 to $58,034, from $63,001 the previous year.
Dan Pepper is a partner on BakerHostetler's Privacy and Data Protection team. He's leading a SecureWorld Remote Sessions broadcast (live and on-demand) around third-party risk and how you should reevaluate the effectiveness and efficiency of your third-party risk right now.
Register here: Managing Third-Party Cyber Risks During COVID-19
The presentation will discuss the necessary elements of a robust program, together with key considerations for managing cyber risks during the pandemic.