Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Cyberthreat Defense Report 2022: Key Points You Should Know
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Cyberthreat Defense Report 2022: Key Points You Should Know

4 years ago Tripwire Guest Authors
Cyberthreat Defense Report 2022: Key Points You Should Know

Each year, CyberEdge publishes the Cyberthreat Defense Report (CDR). Aimed at IT security leaders, this comprehensive report outlines the threats, security issues, and industry concerns that are most pressing.

Information summarized in the CDR is gathered through surveys conducted in 17 countries and 19 industries. Respondents are IT decision-makers in organizations with at least 500 employees. The diversity of locations and industries provides a broad and multi-faceted insight into cybersecurity across the globe.

By understanding the real and perceived global cybersecurity threats, IT and security professionals can assess their own cyber threat defenses and make decisions to mitigate risk better. The details of this report help prioritize, plan, and plug cybersecurity gaps.

Cybersecurity Attacks on Organizations – The Current Landscape

Opening the conversation around cybersecurity, respondents were asked how many times their organization’s global network had been compromised in the previous 12-month period. Looking at the numbers, any hope that cybercriminals had slowed down has been dashed.

Alarmingly, more than 85% of organizations reported a successful cyberattack in the past year. The previous CDR figures showed that 86.2% of organizations had fallen victim to cybersecurity compromises.

In 2022, more than 40% of organizations suffered six or more cyberattacks. This is more than double what it was just eight years ago. Security threats have been compounded by employees transitioning to remote or hybrid work arrangements, increasing dependence on cloud-based environments, and criminal motivations to exploit security holes in mobile and web applications. Organizations need to ensure substantial and well-spent security budgets to mitigate these risks.

Exploited Industries

Within the 19 industries polled for the report, Cyberedge categorizes “7 major” industries. Of these, educational institutions again took the top spot as the most frequently victimized by the volume of successful cybersecurity attacks.

While 90.5% of educational respondents reported attacks, the telecom and technology industry wasn’t far behind, with 90.3% having been compromised. These industries were followed closely by the finance, manufacturing, and retail sectors.

Areas of Concern

The poll then asked respondents what types of threats are of primary concern for them and their organizations. Given a list of cyber threats, they were asked to rate their level of concern on a Likert scale of one to five, with five being the highest.

For the seventh year running, malware leads the pack with 4.01 points on average. Malware is identified as a key component of ransomware, phishing, digital skimming, and similar attacks.

A surprising runner-up, Account Takeover (ATO) and credential abuse attacks were rated at 3.97 points on average. The category rose from fourth place last year and increased more than any other category in the list. ATO threats are a major concern in the finance and financial services industries and were reported among manufacturing, telecom and technology companies.

Rounding out the top 5 categories were ransomware (3.96), phishing (3.93), and reputation attacks via social media (3.86). Notably, ransomware attacks set a new record, with 71% of organizations reporting that they had been victims of a ransomware scheme. Of those, 62.9% paid ransoms to cybercriminals. Ransomware has become an industry all its own, with hundreds of millions of dollars each year landing in the hands of attackers.

Web and Mobile Attacks

When planning strategies and allocating budgets, it’s helpful to look at the areas that other companies see as most threatening. As dependence on web and mobile applications grows, so does the potential for exploitation.

Respondents were asked which attacks were of primary concern when it came to their web and mobile applications. Nearly half of the security professionals expressed worry about Personally Identifiable Information (PII) harvesting through their applications. The runner-up in this category was ATO/credential stuffing attacks, followed by credit card and payment fraud.

Reports of ATO concerns advanced by 7% from last year’s report, spurred in part by the use of professional and educational applications by remote workers. As the audience grows, so do the threats, drawing the attention of IT and security professionals.

Barriers to Building Defenses

Considering the cybersecurity landscape, what do security professionals identify as potential barriers to an adequate defense? For the third year in a row, organizations report that lack of skilled personnel as their primary challenge. While a longstanding issue, 2022 has exasperated this issue as organizations struggle to hire and retain staff.

The second most noted barrier to building a robust security strategy is low awareness amongst users and employees. Despite internal approaches to security, employees remain a focus, proving susceptibility to social engineering attacks, phishing campaigns, and other approaches that exploit human mistrust.

Other notable barriers include interoperability challenges between security solutions, lack of management support, an overwhelming amount of data to parse and act upon, insufficient automation for threat detection, and security tools with a lack of contextual information output.

Interestingly, the lowest-reported barrier was lack of budget, suggesting that organizations are ready to pay for the right staff and security solutions when they find them.

Beneficial Certifications

Asked which cybersecurity certifications would be most beneficial to their career path, respondents named two particular specialties above all else: cloud security and software security, followed closely by security administration.

In an ever-changing professional climate and rapidly evolving world, continuing education is crucial for security, and technology professionals. Cloud security and software security are high-growth areas, adding value to organizations while boosting resumes.

As a high proportion of organizations draw attention to the lack of knowledgeable personnel, those looking to make a career shift are wise to focus on any of these areas.

Moving Forward

Some may find these figures a bit grim, identifying potential issues and challenges for their organizations and users. Instead, these responses can bring clarity and serve as a motivation for a well-placed security strategy.

Identifying the most commonly-cited challenges and threats can help security professionals assess their internal strategies and adjust accordingly.  The Cyberedge report acts as one of the valuable resources to help with a deeper understanding of the threat environment.

About the Author: Having spent her career in various capacities and industries under the “high tech” umbrella, Stefanie Shank is passionate about the trends, challenges, solutions, and stories of existing and emerging technologies. A storyteller at heart, she considers herself one of the lucky ones: someone who gets to make a living doing what she loves.

Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post ” Cyberthreat Defense Report 2022: Key Points You Should Know” appeared first on TripWire

Source:TripWire – Tripwire Guest Authors

Tags: Cloud, Encryption, Exploit, High Severity, Low Severity, Malware, Medium Severity, Phishing, Ransomware, TripWire

Continue Reading

Previous Learn Cybersecurity with Palo Alto Networks Through this PCCSA Course @ 93% OFF
Next Reexamining the “5 Laws of Cybersecurity”

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

11 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

13 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

14 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

16 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

18 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

21 hours ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT