Cybersecurity has had its share of ups and downs, and with many new types of malware and hacking methods, things are even worse than they could be. It turns out that IT experts and professionals are concerned about the current state of cyber security. According to a new report from Craig Business Intelligence, 85% of IT professionals surveyed said they expect moderate-to-extreme cybersecurity issues in the coming year.
65% of these experts cited ransomware as a top concern for email security, and 60% predicted a huge increase in phishing attacks.
7% believe that malicious files in email attachments are a major problem, and 37% said that despite their best efforts, employees may not be able to prevent these attacks.
49% of IT professionals also reported that in 2023, malicious applications could start leaking more data. 29% said stolen or lost devices can cause some security issues.
The shift to remote work is also a cause for concern; 28% of professionals surveyed thought this could increase employers’ cyber security concerns. Budget constraints can also make the situation worse, as 20 percent saw it as a concern in the near future.
With all that said, it is important to note that companies are taking a number of steps to mitigate these threats. 85% of them start scanning files and attachments their employees receive, and security training and email backups each get 80%. Anti-fraud protection was an equally high priority, with 79% of surveyed companies saying they plan to focus on it in the coming year.
All these problems will be solved by the end of 2023. This could make 2023 an important year for cyber security, as many protocols undergo stress testing in the meantime. It will be interesting to see what the landscape will look like in a year.
Email Insecurity concerns
Over the past two years, cyber attacks stemming from exploited email vulnerabilities that enabled phishing attempts have in some cases led to unpleasant consequences.
New York state fined EyeMed Vision Care in October—not for the first time—for a massive 2020 email hack and healthcare data breach. The vision company was fined $4.5 million for multiple security breaches that “contributed” to the disclosure of information, and the consequences of this breach for both businesses and customers continue.
Fears of similar consequences of email security being “hacked” or “breached” were echoed in the May 2022 CyberRisk Alliance (CRA) Business Intelligence Survey based on a survey of 221 security and IT managers and executives, security managers, and compliance professionals in the United States.
Respondents reported some form of email attack every day, including attacks against Microsoft and Google email systems.
increased significantly. This included increased abuse of both Microsoft 365 and Google’s email infrastructure.
In addition to phishing emails designed to capture login information, email attacks also contained payloads containing common viruses or application macros (such as those implemented in Word or Excel).
Additionally, approximately half (51%) of all respondents reported up to 25 business email compromise (BEC) attacks per day, while one in five (21%) reported that they did not know or could not estimate the number of BEC attacks per day. At least half of the respondents (51%) said they were very concerned about email attacks in the next 12 months. The threat of a ransomware attack was the top email security concern for two-thirds of all respondents, followed by fraud and phishing.
XDR positioned as force multiplier for threat detection
The threat landscape expanded during 2022 as organizations moved from on-premises operations to cloud-based operations and criminals used vulnerabilities to flood targets with ransomware and other malware. Along the way, the security teams realized that their protective equipment could no longer keep up.
To turn the tide, many security managers are pinning their hopes on extended detection and response (XDR), albeit through observation.
A March 2022 CRA-BI survey of 300 US IT and cybersecurity decision makers and influencers found that while current XDR adoption was low, interest was high. The interest in XDR, which essentially takes a more holistic approach to threat protection, reflects the concern of security managers that the complexity of attacks is causing detection failures more often than ever before.
One of the respondents cited a data breach last year that was not discovered by the organization until the damage was done.
“We saw no red flags; everything was normal,” said the respondent. “However, we were actually under attack. Even though we found it in less than 10 days, that’s still a lot of time when you’re under attack. I know some companies don’t find out about a breach until about six months later, and that’s really crazy.”
In addition to monitoring traditional devices such as computers and servers, a large majority (84%) also reported monitoring mobile devices on their network. Respondents reported that their security solutions encompass a large number of both traditional and non-traditional endpoints and devices.
Nearly two-thirds (63%) of respondents reported controlling more than 1,000 traditional and non-traditional devices.
While endpoint security was a vexing challenge in 2022, respondents noted that their device security strategies are progressing with vulnerabilities and security issues exacerbated by the remote workforce.
Many organizations are developing their endpoint security strategies to address ransomware threats (61%), increase business resilience (58%), and meet regulatory requirements (55%).
Many organizations have predicted that they will increase their budgets to provide better protection. While nearly one in four of the respondents said their hardware security budgets will remain unchanged over the next 12 months, another 70 percent said they are likely to increase their hardware security budget at some level. Zero trust and autocorrect were at the top of their spending plans.
New Threat Intelligence Tools Assist in the protection of systems
In 2022, threat awareness will become a core business requirement in a world driven mad by the fear of ransomware.
The significant interest in the historically technology-centric discipline has been driven in part by fears of cyberattacks linked to the war between Russia and Ukraine. In one example, the Ukrainian government warned the world that Russia’s army was planning a multifaceted attack on the energy sector. Other nation-state cyberattacks have also affected demand, including one incident in June 2022 where Iran’s Cobalt Mirage used a PowerShell vulnerability to launch ransomware attacks.
And of course, headlines about data breaches involving security holes that organizations didn’t even know existed in their networks grabbed the attention of not only security teams but also the C-Suite and the corporate board. For example, a misconfigured Microsoft server exposed tens of thousands of sensitive customer information, including personal information, user information, product and project information, and intellectual property.
According to 183 security professionals surveyed by CRA BI in June 2022, threat intelligence has become critical as their security operations centers (SOC) and crisis management teams are equipped with operational intelligence to help them make timely and informed decisions to prevent system downtime, prevent theft of confidential information, and protect the intellectual property rights of
Safety training is used to train drivers.
Hazard analysis has become a useful tool for training managers. Many also credited threat analysis with helping them protect their business and customer data and potentially saving their organization’s reputation.
“Without threat intelligence, you’d be chasing ghosts,” said one CRA survey respondent.
Respondents reported that their most common use cases for threat intelligence were vulnerability management (68%), security operations (66%), and incident response (62%). Technical (73%) and operational (71%) threat intelligence is more common than more complex strategic or fundamental tactical use cases. Only 5% said they do not use any threat intelligence information.
Many respondents indicated that the availability of early and reliable intelligence is a key requirement of their organization. About six in 10 participants reported subscribing to up to 10 threat feeds, while another quarter collected between 11 and 50 intelligence feeds. The majority of respondents used threat intelligence or indicators of compromise (IOC) for the
Threat Analysis Challenges
Effective application of threat data is a challenge. Businesses face everything from internal barriers and competing priorities, such as limited resources, a lack of skilled or competent staff, and budgeting and financial constraints, to challenges associated with dealing with a changing threat landscape and expanding attack surface.
Unfortunately, the ability to implement automated security responses to threats that can detect and eliminate the latest types of attacks is beyond the reach of many. Some argue that actionable intelligence is hard to come by, while others struggle with threat information overload, collecting and combining critical attack data, and managing excessive alerts and false positives.
It was also possible to find a solution that allows for the most effective and rapid implementation, as well as the integration of intelligence and the deployment of advanced technologies such as machine learning models, which optimize the use of historical data to predict future events deemed problematic.
Planned investments in threat intelligence
Due to increased threat intelligence, respondents planned to increase their investments; 66% expected their organizations to invest more in the coming year. Automation and threat modeling are primarily desired by security teams based on planned investments.
Key findings in the seven areas are:
Cloud Security: Cloud Security Alliance (CSA) researchers reported that only 39% of organizations surveyed said they were very confident in their ability to protect cloud data, while only reported that 100% protection was sufficient for your data in the cloud. The survey also found that third parties, contractors, and suppliers are the most common targets of cyber attacks (58%). And about 92% of those who have already experienced a data breach believe they will experience another cloud data breach in the next 12 months.
Zero trust: A zero trust lock has slowed adoption, with only one in four respondents reporting a lack of trust in their organization. Those who had zero confidence in 2022 said the transition was too difficult and would not be effective for their organization. Others said that budget constraints and insufficient staff to monitor or support the zero-trust model prevented them from adopting it. However, the most common barriers to adoption of zero trust were lack of knowledge of the framework and lack of buy-in from senior management.
Endpoint Security: As the number of endpoints grows, respondents to the CRA survey did their best to keep up. In addition to monitoring traditional devices such as computers and servers, a large majority (84%) also reported monitoring mobile devices on the network, and respondents reported that their security solutions encompass a wide range of both traditional and non-traditional endpoints and devices.
Nearly two-thirds (63%) of respondents reported controlling more than 1,000 traditional and non-traditional devices.
XDR: Although awareness of XDR is high (70%), current adoption of the XDR platform is relatively low; only 12% of respondents reported using this technology. But for those who use the technology or plan to invest in it, the main benefits are faster detection and generally better risk management.
Vulnerability Management: CRA survey respondents emphasized their focus on prioritizing vulnerabilities and addressing vulnerabilities that exploit these valuable assets. In many cases, budgets, resources, and personnel have been increased to strengthen security programs. More than two-thirds (69%) of respondents said their budget or spending on vulnerability management will increase in the next 12 months, especially for things like automation.
Email Security: Due to the significant and persistent volume of email attacks, a third of CRA respondents experienced up to 25 attacks per day. Additionally, approximately half (51%) of all respondents reported up to 25 business email compromise (BEC) attacks per day, while one in five (21%) did not know or could not estimate the number of BEC attacks per day. At least half of the respondents (51%) said they were very concerned about email attacks in the next 12 months. The threat of a ransomware attack was the top email security concern for two-thirds of respondents, followed by fraud and phishing.
Hazard Awareness: Hazard awareness has become a useful tool in driver training. Many also recognized threat intelligence that helped them protect their businesses and customer data and potentially save their organization’s reputation. The most popular threat intelligence use cases were vulnerability management (68%), security operations (66%), and incident response (62%). Threat intelligence is more common in technical (73%) and operational (71%) use cases than in more complex strategic or fundamental tactical use cases. Only 5% said they do not use threat intelligence.
While each of the seven chapters of “The Year of Cybersecurity 2022: Everything, Everywhere, Everything at Once” addresses specific cybersecurity issues, a consistent theme runs through every budget survey, and one respondent said it best: “Budgeting is always a hot topic, and it never gets better.” “It’s always difficult for an organization to adapt and prepare for new threats.”
Source: CyberRisk Alliance (CRA)