Chris Novak is Director of the Verizon Threat Research Advisory Center and a strategic cybersecurity advisor to multinational corporations and government agencies worldwide.
Operating and securing Verizon’s global backbone network provides a unique window — and some crucial insights — on the evolving and pervasive nature of cybersecurity attacks propagating across the world.
We see that threat activity not only from the perspective of network engineers and security experts working for Verizon — who actually witness threat actors targeting thousands of accounts — but also through our work with commercial and public sector customers who are trying to mitigate those attacks.
We’ve shared many of those insights over the past 13 years in Verizon’s annual Data Breach Investigations Report (DBIR). The latest edition examines who and what are triggering cyber breaches across 16 major industries, including the public sector, and the lessons that can be learned from those breaches.
On one level, this year’s findings paint a familiar, albeit disturbing picture:
- 67% of all breaches come from three types of attacks: credential theft, user errors and social attacks.
- 58% of breaches involved personal data, double the rate from a year ago.
- 27% of malware incidents involve ransomware, a threat that keeps getting bigger.
But on another level, we also see a deeper set of concerns as organizations struggle to address the full spectrum of security challenges they face today — the breadth and depth of which have begun to overwhelm even the best-run IT departments. Chief among these concerns:
System overload – As enterprises have expanded to the cloud and adopted modernized tech-driven services, the number and complexity of security platforms required to monitor and mitigate threats has mushroomed. Managing the scale and velocity of security issues from all these platforms is becoming unsustainable, even for fully staffed departments.
Control gaps — A DBIR companion study on incident preparedness and response found that many organizations continue to struggle to close their security gaps: Some report that they understand what controls are needed and where they should be implemented but haven’t done so yet. Others report that they’ve implemented controls but haven’t actually tested their effectiveness.
Limited expertise — Nearly every commercial enterprise, government agency and institution of higher learning is struggling mightily to acquire the evolving cybersecurity skills they need. Even their best efforts to follow the National Institute of Standards and Technology’s Cybersecurity Framework — which recommends appropriate controls to identify, protect, detect, respond and recover from threats — often fall short because of lack of staff or expertise. And in truth, there’s also the tendency for IT personnel to focus on areas where they’re comfortable at the expense of the wider spectrum of needs.
These challenges have only grown more pressing in the midst of the COVID-19 pandemic. IT personnel have not only had to pivot suddenly to enable and secure vast numbers of employees working from home, but have also had to contend with a new wave of cyber assaults from attackers taking advantage of the situation.
A more productive alternative
All of that and more is driving commercial and public sector organizations and higher education institutions to a tipping point: IT leaders and top executives are recognizing that it makes increasing strategic and economic sense to turn to the expertise of managed and professional services providers to help them address the broadening array of digital transformation and cybersecurity challenges.
Once upon a time, when IT departments largely owned and operated their own IT systems, it made sense from a budgetary standpoint to have a dedicated staff who knew how their systems were built, where the flaws were and how to fix them. But not anymore.
The massive shift to software-defined, distributed computing and third-party infrastructure providers has made it all but impossible for most IT departments to keep up with everything there is to know about those systems — and how they work or don’t work together.
Given this evolution, it now makes more sense to shift day-to-day IT and security operations to a managed service provider, while bringing in professional services teams to tackle critical projects. There’s solid rationale behind this thinking.
First, managed and professional service providers can relieve the relentless pressure of hiring, training and reskilling IT personnel. In many cases, they can mitigate the hidden costs of postponed projects when positions go unfilled for long stretches of time.
Second, managed and professional service providers offer a more comprehensive array of specialized skills than any one IT department can typically maintain or afford. This, in turn, allows IT departments to retain the expertise they need, when they need it, for as long as they need it. That translates into more concentrated value and timely return on their resources.
Third, both types of services are scalable. What that really means for IT departments is they can focus their time and energy on digital outcomes that matter to their organization, rather than the mechanics, and ultimately deliver greater value to their enterprise and their customers or constituents.
There’s also another factor to consider: Because Verizon’s managed and professional services teams work across all types of industries globally, as well as with government agencies and higher education institutions, we’re able to bring a level of near real-time intelligence and expertise to virtually any security situation.
That’s especially important in an age when organizations have so much at stake—and the risks of attack can come from anywhere in the world.
Find out more on how Verizon Professional and Managed Services can provide a full spectrum of digital and security solutions for your organization.
This article was produced by Scoop News Group for, and sponsored by, Verizon.