Concern #1: Attack Types
Organizations today have a large number of attack vectors to prevent, monitor for, detect, alert to, and remediate. With cyber criminals getting so good at their craft, it’s difficult for organizations to focus on just one issue. So, which attacks are a concern? We broke the issue of attacks down into 11 pressing types:
- CEO Attacks / Whaling 85% ( 7% keeps them up at night)
- Credential Compromise 93% (10% keeps them up at night)
- Cryptojacking 85% (5% keeps them up at night)
- Data Breaches 95% (12% keeps them up at night)
- DDoS 70% (5% keeps them up at night)
- Drive-By Downloads 83% (45 keeps them up at night)
- Encrypted Attacks 88% (6% keeps them up at night)
- ICS Malware 79% (5% keeps them up at night)
- Malware 82% (4% keeps them up at night)
- Phishing / Spear Phishing 94% (8% keeps them up at night)
- Ransomware 89% (7% keeps them up at night)
You’ll notice that nine of the 11 attack types have over 80% of organizations concerned to some degree, and a near alignment between the issues most keeping IT up at night with overall concern. Data breaches were the primary issue most organizations are concerned about, with credential compromise coming in as a close second. These two issues go hand-in-hand, as misuse of credentials remains the number one attack tactic in data breaches, according to Verizon’s 2018 Data Breach Investigations Report. Phishing and ransomware ranked next, demonstrating that organizations are still not completely prepared against these relatively “old” attack vectors.
In my next post we will look at “Security Initiatives” … Till then…..Think Before You Click!
Tina Louise ~ https://www.cloudplusservices.com ~ 888.871.6584