Display Accessibility Tools

Accessibility Tools


Highlight Links

Change Contrast

Increase Text Size

Increase Letter Spacing

Readability Bar

Dyslexia Friendly Font

Increase Cursor Size

ManpowerGroup - 2023

One Step Ahead of the Cybersecurity Curve: Predicting Data Breach Trends Based on Historical Attack Patterns


The cybersecurity threat landscape continually shifts over time. In order to avoid a data breach, organizations large and small must develop internal programs and practices to not only counteract existing threats, but also anticipate what is coming next. There are multiple resources available to research attributes of historical data breaches, but none is more comprehensive than the Verizon annual "Data Breach Investigations Report" (DBIR). Many cybersecurity practitioners regard this report as the go-to guide to understand the various aspects of historical data breaches. While the report looks at root causes of breaches from the past to today, it stops short of predicting what may occur in the future. The future of the threat landscape will always be unknown. However, it would be valuable to the cybersecurity community to see a glimpse of a possible future via predictively extrapolating historical successful attack trends using a data-derived and mathematically sound approach.

Project Scope

The goal of this project is to mathematically predict the root causes of future data breaches by extrapolating historical breach trends as detailed in the Verizon’s latest DBIR. A graphical depiction is provided below.


  • A graphic similar to the given in the 2022 report with supporting data.
  • Project Documentation – A detailed document walking through the software used, how the data was cleaned and analyzed, and any assumptions made.
  • Project Presentation – A presentation detailing the findings and suggested next steps.

Additional Questions

  1. Using the breach predictions derived, can specific security control recommendations be made for various organizations based on the matrix found in Appendix B of the DBIR based on an industry standard control set such as the Center for Internet Security (CIS)– Critical Security Controls?
  2. Based on the mapped CIS controls, are there specific metrics/KPIs organizations should baseline now and aim to improve over time as a means to counteract the predicted attack patterns as taken from industry thought leader SANS?
  3. As time unfolds new breach data, can the results of this study be overlaid on the actual data in future DBIR reports to validate accuracy in the predication model?