2010 Data Breach Investigations Report (DBIR)

Security breaches have come from both the inside and outside of the organizations. Verizon has reported many data breaches from outside the organization while the United States Secret Service (USSS) has reported more breaches from insider threats. Misuse, hacking, and malware have continued to be the leading forms of online crime. Stolen credentials, SQL injection, and data-capturing also hurt organizations protecting information assets. Both physical breaches, such as theft or tampering, as well as social tactics have increased in 2009. Almost all data were breached from servers and applications. Most of these breaches could have been avoided with easily obtainable security measures. Organizations are also slow at identifying the breaches and responding to them, requiring external parties to discover the breach.