Key Trends in The Verizon Data Breach Investigation Report 2022

You are currently viewing Key Trends in The Verizon Data Breach Investigation Report 2022


The Verizon 2022 Data Breach Investigations Report (DBIR) reviews over 5,212 breaches and 23,896 security events that occurred between November 2020 and October 2021. The research gives readers a look at the worldwide trends and patterns that led to the great majority of cyber-attacks and data breaches.

The most important discoveries

According to the study, ransomware assaults continue to put strain on enterprises throughout the world, with a 13 percent increase in such attacks observed by researchers. When compared to the previous five years’ totals, this constituted a significant increase.

While desktop sharing software was used in 40 percent of ransomware occurrences, email was used in 35 percent.

Of 2021, social engineering became a major issue, reflecting the rise in common cybercrime strategies. Human mistakes and misuse of rights accounted for 82 percent of the breaches recorded last year.

Financially motivated cyberattacks remained the primary focus for threat actors, accounting for about 89 percent of all reported breaches.

The spike in system attacks documented last year was due to poor security implementation across supplier chains. Around 62 percent of system intrusions were carried out through taking advantage of the supply chain, which included online apps or software.

Furthermore, organised crime has remained a ubiquitous presence in the realm of cybersecurity. Organized crime was responsible for almost 4 out of every 5 breaches seen last year.

In almost half of all breaches, stolen or compromised credentials were utilised, making it easier for attackers to gain access to networks.

In many cases, phishing, previously known vulnerabilities, and malware downloaders were used to start the great majority of breaches.


According to Verizon, enterprises must handle four key pathways that lead to first network access: credentials, phishing, exploitation of vulnerabilities, and botnets. Additionally, firms must work on instilling cybersecurity knowledge in their staff in order to keep their company processes safe.

Leave a Reply