Key Takeaways from the 2023 Verizon Data Breach Investigations Report

In the rapidly evolving world of cybersecurity, staying updated with the latest trends, attack vectors, and threat actors is paramount for organizations of all sizes and across all industries.

Each year, the Verizon Data Breach Investigations Report (DBIR) provides a treasure trove of insights that help us understand where our cyber defenses stand, what we need to be wary of, and how we can navigate the turbulent seas of cyber threats.

The 2023 DBIR is no different. 

This year, the report analyzed a staggering 16,312 security incidents, out of which 5,199 were confirmed data breaches.

With these figures in mind, the report offers a holistic understanding of the current cybersecurity landscape. Its insights are not just a mirror reflecting the state of cybersecurity today, but also a lens through which we can anticipate the challenges of tomorrow.

In this blog post, we will delve into the key takeaways from the 2023 DBIR, focusing on notable trends, significant changes, the most affected sectors, and the predominant types of data breaches. We aim to present these findings in a way that is informative, useful, easy to understand, and actionable for your organization.

So, let’s journey into the underbelly of cybercrime and extract lessons that can help us bolster our defenses.

  1. Prevalence of Social Engineering: Social engineering attacks, including business email compromise (BEC) attacks, are on the rise, with BEC attacks nearly doubling across all incidents. These represent more than 50% of all incidents within the Social Engineering pattern, pointing towards the continued efficacy and profitability of these types of attacks.
  2. Human Element in Breaches: Around 74% of all breaches include a human element, where individuals are involved either via error, privilege misuse, use of stolen credentials, or social engineering. This highlights the ongoing need for robust user training and awareness programs, along with technical controls.
  3. Financial Services Most Affected: The Financial Services sector was the most affected by data breaches in the period covered by the report. Companies in this industry need to be particularly vigilant about their cybersecurity practices and defenses.
  4. External Actors Dominate: External actors were involved in 83% of the breaches, and the primary motivation for attacks continues to be overwhelmingly financially driven, contributing to 95% of breaches. This emphasizes the need for strong perimeter defenses, threat intelligence, and incident response capabilities.
  5. Common Attack Vectors: The three primary ways in which attackers gain access to an organization are stolen credentials, phishing, and exploitation of vulnerabilities. Organizations need to focus their defenses accordingly, using multi-factor authentication, regular patching, and user awareness training.
  6. Web Application Attacks Remain Prominent: A significant proportion of attacks involve web applications. This calls for an increased focus on securing web applications through measures like regular vulnerability assessments and penetration testing, along with secure coding practices.
  7. Geographical Distribution of Incidents: North America and the EMEA region suffered the majority of incidents, with APAC and LAC also affected. This suggests that organizations in these regions need to be particularly aware of the evolving threat landscape and take steps to protect themselves.



The 2023 Verizon Data Breach Investigations Report paints a picture of an ever-evolving cybersecurity landscape, where old threats persist and new ones emerge. 

The increasing prevalence of social engineering attacks, particularly Business Email Compromise, the central role played by the human element in breaches, and the continued prominence of web application attacks are all key insights we need to take on board.

Perhaps most strikingly, the fact that Financial Services emerged as the most affected industry sector and that North America and the EMEA region suffered the majority of incidents serves as a stark reminder that no sector or region is immune from the threat of cybercrime.

It’s clear that while we’ve come a long way in our collective cybersecurity journey, there’s much more work to be done. As we navigate this complex landscape, armed with the knowledge gleaned from reports like the DBIR, we need to keep reevaluating and fortifying our defenses continually.

While the threats are real and ever-present, this report’s findings remind us that with the right mix of user awareness, robust security policies, technological defenses, and a proactive approach, we can significantly reduce our risk exposure and build a more secure digital future.

Verizon’s report reminds us to stay vigilant, and remember: in the realm of cybersecurity, knowledge is your most potent defense.


About Traceable

Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers. To learn more about how API security can help your business, book a demo with a security expert.