I just read an interesting study recently released by Verizon, titled, "2012 Data Breach Investigations Report," which Verizon's RISK Team conducted in conjunction with cooperation from multiple security organizations, including the United States Secret Services.
Here are just a couple of highlights from this 80-page report:
* "This year our DBIR (Data Breach Investigations Report) includes more incidents, derived from more contributors, and represents a broader and more diverse geographical scope. The number of compromised records across these incidents skyrocketed back up to 174 million after reaching an all-time low in last year’s report of 4 million."
* "81% of data breaches utilized some form of hacking (up 31% from the previous year)"
* "69% incorporated malware (up 20% from the previous year)"
So, just to quickly summarize: security breaches are on the rise -- big time. Here's the one thing I found to be even more surprising:
"97% of all breaches were avoidable through simple or intermediate controls." Did you catch the last part of that statement -- simple or intermediate controls. Not super high-tech, super complicated security measures, but basic security measures.
This is good news if you're a VAR or MSP that sells security solutions. Your customers' security isn't so much dependent on whether you selected vendor A or B -- it's about how well you executed on the basics -- such as configuring your customers' firewall and ensuring their antivirus licenses remained active.
In the ever-changing IT world where new products are being released all the time and it seems like you have to drink from a fire hydrant of information just to keep up with everything, don't forget this one simple fact about the role you play in your customers' IT security success: If you can competently handle the network security basics, you can help your clients thwart 97% of all the problems out there in the wild. That's a fact you shouldn't underestimate -- and your customers shouldn't undervalue.