This week Verizon released its 2020 Data Breach Investigations Report. Now in its 13th year, Verizon takes a deeper look than ever, adding new industries to its report. In it, Verizon flags human error as the only action type with consistent year-over-year growth, with errors now equally as common as Social breaches and more common than Malware. Misconfiguration remains a leading cause of error, up almost 5% from last year. Note that the data was collected prior to any Covid-related workplace changes which, as we’ve reported in past issues of DevOps news, have resulted in greater ransomware and phishing campaigns.
In addition, readers should note that the 2020 DIBR found a striking increase in web application breaches, jumping to 43% in 2020. Of cloud-related breaches, 73% involved an email or web application server. Relatedly, GitLab revealed its fourth annual DevSecOps survey finding that DevOps adoption has resulted in wide changes across tools and developer, security, and operations team roles. With 25% of developers saying they feel solely responsible for security and 70% of operations reporting that developers can provision their own environments. Last, it’s worth noting that testing remains the top bottleneck for the second year running, with only 12% reporting that they have full test automation.