Verizon Data Breach Investigations Report

Get Started

View Pricing Request Demo

In its eleven edition, the Verizon Data Breach Investigations Report (DBIR) continues to be a wealth of information for security professionals. The report focuses on data breaches, defining such breaches as "An incident that results in the confirmed disclosure— not just potential exposure—of data to an unauthorized party." A few of the highlights of the DBIR are listed below.

49% of non-point-of-sale malware was installed via malicious email
74% of cyber-espionage actions within the public sector involved phishing
Motives for phishing are split between financial (59%) and espionage (41%)
70% of breaches associated with a nation-state or state-affiliated actors involved phishing
17% of breaches were social attacks
12% of breaches involved actors identified as a nation-state or state-affiliated
24% of breaches affected healthcare organizations
58% of data breach victims are categorized as small businesses

Information security is a prime concern for all businesses. One factor that continues is the fact that employees play a key role as they are a key part of a layered security strategy. PhishingBox provides end-user security awareness training to mitigate the threat from phishing and other malicious emails.

Phishing Security Awareness Training

DBIR Trends Reveal the Human Side of Data Breaches

Verizon’s latest Data Breach Investigations Reports make one thing clear: the human element is the leading cause of data breaches year after year. Whether it’s a misclick, a misconfiguration, or a convincing phishing email, people—not just technology—are at the heart of most security incidents. This article explores three years of DBIR data, highlights the steady role of social engineering, and explains how organizations can reduce risk by investing in awareness, testing, and training, starting with their own workforce.

Aug 04, 2025