Titaniam, Inc., the industry’s most advanced data protection and ransomware immunity platform, recently surveyed corporate security professionals to gain their predictions on cyberattack trend patterns for 2023.
Attackers are expected to broaden their targeting strategy beyond regulated verticals such as financial services and healthcare. Experts predict that large corporations (41%) will be the top targeted sector for cyberattacks in 2023, favored over financial institutions (36%), government (14%), healthcare (9%), and education (8%).
Also Read: MJV Innovation Launches New Book on Business Agility
The fast pace of change has introduced new vulnerabilities into corporate networks, making them an increasingly attractive target for cyberattackers. To compete in the digital marketplace, large companies are adopting more cloud services, aggregating data, pushing code into production faster, and connecting applications and systems via APIs. As a result, misconfigured services, unprotected databases, little-tested applications, and unknown and unsecured APIs abound, all of which can be exploited by attackers.
The top four threats in 2022 were malware (30%), ransomware and extortion (27%), insider threats (26%), and phishing (17%). (In contrast, the Verizon Data Breach Investigations Report revealed that phishing was the #2 threat in 2022, right behind credentials theft). The study found that enterprises expected malware (40%) to be their biggest challenge in 2023, followed by insider threats (26%), ransomware and related extortion (21%), and phishing (16%). Malware, however, has more enterprises worried for 2023 than it did for 2022. It is important to note that these threats can be overlapping, where insiders can have a hand in ransomware attacks, phishing can be a source of malware, etc.
Attackers are evolving their strategies in an attempt to surprise and outmaneuver security teams, which have hardened ransomware defenses and improved phishing detection. They’re using new malware, such as loaders, infostealers, and wipers to accelerate attacks, steal sensitive data and create mayhem. They’re also buying and stealing employee credentials to walk in through the front door of corporate networks.
Nearly two-thirds (65%) of companies were breached in 2022 as attackers exploited process gaps and security vulnerabilities to access networks. While no corporate security team wants to detect a breach, they’re doing it faster, thanks to security platforms that use automation and artificial intelligence to detect anomalies amidst noise and speed up security operations processes. Among those breached, 91% of security operations teams detected the incident within a week, while 100% identified it within a month. Less hacker dwell time in networks means less damage for these companies.
SOURCE: PR Web