CybersecuritySecurity NewswireCybersecurity News

Perception gap exists in what causes cyber incidents & data breaches

By Security Staff
Cybersecurity image

Image via Unsplash

December 8, 2023

A recent study published by Hive Systems found that the media, academia and the general public overestimate the prevalence of system intrusions while underestimating more common causes of cybersecurity incidents and data breaches. A comprehensive analysis of academic publications, media trends and search engine results showed that while system intrusions account for only one-third of cybersecurity incidents and data breaches, more than two-thirds of media coverage and internet searches focused around the topic.

While the industry-standard 2023 Verizon Data Breach Investigation Report (DBIR) listed system intrusions as the most prevalent cause of cybersecurity incidents and data breaches (35% and 25% respectively), the public perception far outweighs its pervasiveness. According to the report, not only were internet searches for system intrusions nearly twice as common (55%), the second-most common tool for data breaches — basic web application attacks — was barely explored (<1%). 

Similarly, media coverage predominantly focused on system intrusions and social engineering — approximately 75% of all coverage. That amount of coverage equates to over 30% more than its frequency as reported by the DBIR. While The New York Times dedicated a majority of its cybersecurity incident and data breach coverage to system intrusions (65%), The Guardian spent 30% of its coverage on social engineering.

On the academic side, more than three-quarters of all academic journals published focused on denial of service attacks —  a topic that accounted for 1% of total cybersecurity data breaches and 40% of total cybersecurity incidents.

DBIR incident and breach classification patterns are based on clustering of data as opposed to how the cybersecurity industry tends to group them. Types of breaches include System Intrusion (e.g., ransomware, malware, stolen credentials), Social Engineering (e.g., phishing emails, texts, phone calls), Basic Web Application Attacks (e.g., SQL injection), Miscellaneous Errors (e.g., misconfigurations), Privilege Misuse (e.g., disgruntled employee data leak), Lost and Stolen Assets (e.g., stolen laptop or phone), Denial of Service (e.g., DDoS attacks) and Everything Else (e.g., ATM card skimmers).

KEYWORDS: cybersecurity incident data breaches DDoS malware ransomware

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • October 22, 2012

    Industrial Control Systems Cyber-Security Conference

    ICS Cyber-Security is the conference where industrial control systems users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions.
  • April 15, 2026

    How AI is Closing the Decision Gap in Leading GSOCs

    ON DEMAND: Learn how modern security teams are evolving from alert-driven workflows to outcome-driven operations and how AI is enabling faster, more confident decisions at every stage of the incident response lifecycle.
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!