Figure 19 from the 2014 DBIR presented the frequency of incident patterns across the various industry verticals. The major takeaway was that different industries exhibit substantially different threat profiles and therefore cannot possibly have the same remediation priorities. That may be a rather "no duh" finding, but keep in mind most security standards treat all requirements as equal stepping stones on a path to 100% compliance. Past reports have emphasized that with security, there is no "one size fits all" approach. It is our fervent hope that that data sowed some seeds of change, and this year we'd like to help grow that crop a bit more.
Whereas last year's report asked "Do all organizations share similar threat profiles?", we now want to explore what we believe to be a much better question: "Which industries exhibit similar threat profiles?" Just as our nine patterns helped to simplify a complex issue last year, we believe that answering this question can help clarify the "so what?" question for different verticals.
We've made an interactive version of Figure 19 from the 2015 DBIR to help you explore this question on your own. As a refresher, each dot represents an industry "subsector" (we chose to use the three-digit NAICS codes—rather than the first two only—to illustrate more specificity in industry groupings). The size of the dot relates to the number of incidents recorded for that subsector over the last three years (larger == more). The distance between the dots shows how incidents in one subsector compare to those in another. If dots are close together, it means incidents in those subsectors share similar VERIS characteristics such as threat actors, actions, compromised assets, etc. If far away, it means the opposite. In other words, subsectors with similar threat profiles appear closer together.
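To make the "closer dots mean similar threat profiles" idea concrete, here is an added example (not the DBIR team's code) that builds a per-subsector profile from VERIS actor, action and asset values and finds each subsector's nearest neighbour. The incident records are constructed, and cosine distance is an assumption, since the text above does not say which similarity measure the figure uses.

```python
from collections import Counter, defaultdict
from math import sqrt

# Constructed sample incidents: (3-digit NAICS subsector, actor, action, asset).
INCIDENTS = [
    ("722", "external", "hacking", "user device"),
    ("722", "external", "malware", "user device"),
    ("722", "external", "malware", "server"),
    ("721", "external", "hacking", "user device"),
    ("721", "external", "malware", "user device"),
    ("622", "internal", "error", "media"),
    ("622", "internal", "misuse", "server"),
    ("622", "external", "physical", "user device"),
    ("621", "internal", "error", "media"),
    ("621", "internal", "misuse", "server"),
]

def profiles(incidents):
    """Return ({subsector: Counter of 'field=value' features}, incident counts)."""
    feats, counts = defaultdict(Counter), Counter()
    for naics, actor, action, asset in incidents:
        counts[naics] += 1  # dot size in the figure
        feats[naics].update([f"actor={actor}", f"action={action}", f"asset={asset}"])
    return feats, counts

def distance(a, b):
    """Cosine distance between two feature Counters (assumed metric; 0 = same mix)."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    norm = sqrt(sum(v * v for v in a.values())) * sqrt(sum(v * v for v in b.values()))
    return 1.0 - dot / norm if norm else 1.0

def nearest(incidents):
    """Map each subsector to (closest other subsector, rounded distance)."""
    feats, _ = profiles(incidents)
    out = {}
    for s in feats:
        d, o = min((distance(feats[s], feats[o]), o) for o in feats if o != s)
        out[s] = (o, round(d, 3))
    return out

if __name__ == "__main__":
    _, counts = profiles(INCIDENTS)
    for s, (o, d) in sorted(nearest(INCIDENTS).items()):
        print(f"{s} (n={counts[s]}): nearest {o}, distance {d}")
```

Because cosine distance normalizes each profile, a subsector with many incidents and one with few can still sit close together if their mix of actors, actions and assets is alike; incident volume is carried separately, as the dot size.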
Hover over the two-digit, top-level industries in the legend to highlight those in the chart and see just how close (or far) they are from each other. Hover over individual dots to see a description of that subsector and a count of its incidents.
We've included a few key findings that you can select to see what the DBIR team had to say about them.