SURVEY REVEALS $2 TRILLION MARKET OPPORTUNITY FOR CYBERSECURITY TECHNOLOGY AND SERVICE PROVIDERS


INTRODUCTION

Cybersecurity is the set of measures organizations take to protect their own and their customers’ data from malicious attacks. The threat has not receded; it keeps evolving with changing tactics, even after massive investments in countering cyberattacks and stopping cybercriminals.

The good news is that ransomware payments reported to the FBI were down to $34.3 million in 2022 from $49 million in 2021. The bad news is that as targets increasingly refuse to pay, ransomware groups are escalating the brutality of attacks. In one case, a Russia-based criminal group attempting to extort a health network released photos of patients receiving cancer treatment; in another, a public school district under attack saw information about students exposed publicly.

A growing shortage of cybersecurity workers means that companies are confronting demands for higher pay and more flexible work arrangements. In the US, chief information security officers (CISOs) earned 15% more in 2022 compared with 2021; UK CISOs earned 4% more. In Europe, CISO salaries are 18% to 30% lower than in the US, but European companies report agreeing to more flexible arrangements, such as allowing these executives to live in a different country. Some companies are recruiting internal candidates and training them in cybersecurity, or rewriting job descriptions to entice a wider group of candidates.

Cybercrime has grown in tandem with cyber progress. The internet isn’t always a safe space. Cyberattacks are on the rise, and there’s no indication that they will stop anytime soon. As a result of this rise, everyone is on red alert: consumers are paying more attention to where their data goes; governments are putting regulations in place to protect their populations; and organizations are spending more time, energy, and money to guard their operations against cybercrime. For organizations, the increasing awareness of cyber risk, by consumers and regulators alike, doesn’t have to spell trouble. In fact, the current climate could present savvy leaders with a significant growth opportunity. The organizations best positioned to build digital trust are more likely than others to see annual growth of at least 10%.

What is a cyberattack?

Before we learn how organizations and individuals can protect themselves, let’s start with what they’re protecting themselves against. Simply put, a cyberattack is any malicious attack on a computer system, network, or device to gain access and information. There are many different types of cyberattacks. Some of the most common ones:

Malware is malicious software, including spyware, ransomware, and viruses. It accesses a network through a weakness—for example, when a member of the network clicks on a fraudulent link or email attachment. Once malware controls a system, it can demand payment in exchange for access to that system (ransomware), covertly transmit information from the network (spyware), or install additional harmful software on the network. In 2021, ransomware attacks alone surged by 105%.

Phishing involves a bad actor sending a fraudulent message that appears to come from a legitimate source, like a bank or a company, or from somebody with the wrong number. Phishing attacks are made through email, text, or social networks. Typically, the goal is to steal information by installing malware or by cajoling the victim into divulging personal details.

Man-in-the-middle attacks are incidents in which an attacker comes between two members of a transaction to eavesdrop on personal information. These attacks are particularly common on public Wi-Fi networks, which can be easily hacked.

Denial-of-service attacks flood systems with traffic to clog up bandwidth so that they can’t fulfill legitimate requests. The goal of this type of attack is to shut down systems.

Password attacks are mounted by cybercriminals who try to steal passwords by guesswork or trickery.

Individuals and companies can protect themselves against cyberattacks in a variety of ways—from passwords to physical locks on hard drives. Network security protects a wired or wireless computer network from intruders. Information security—such as the data protection measures in Europe’s General Data Protection Regulation (GDPR)—protects sensitive data from unauthorized access. There are many more kinds of cybersecurity, including antivirus software and firewalls. Cybersecurity is big business: one tech research and advisory company estimates that businesses will spend more than $188 billion on information security in 2023.

Despite the extensive measures organizations take to protect themselves, they often don’t go far enough. Cybercriminals are constantly evolving their methods to take advantage of consumer shifts and newly exposed loopholes. When the world hastily shifted to remote work at the beginning of the pandemic, for example, cybercriminals took advantage of new software vulnerabilities to wreak havoc on computer systems. The Internet Crime Complaint Center of the US Federal Bureau of Investigation (FBI) reported a nearly 50% increase in suspected Internet crime in 2020 from 2019. Reported losses exceeded $4.2 billion. Cyber risk isn’t static, and it never goes away. Only by taking a dynamic, forward-looking stance can companies keep up with the state of play and mitigate disruptions in the future. These three major cybersecurity trends may have the biggest implications for organizations:

1.  On-demand access to ubiquitous data and information platforms is growing. Recent shifts toward mobile platforms and remote work require high-speed access to ubiquitous, large data sets. This dependency exacerbates the likelihood of a breach. Organizations collect more data than ever about their customers, so such a breach could be especially costly. To store, manage, and protect the data, organizations need new technology platforms.

2.  Hackers use AI, machine learning, and other technologies to launch increasingly sophisticated attacks. Gone are the days of the hacker in a hoodie working alone in a room with blackout shades. Today, hacking is a multibillion-dollar industry, complete with institutional hierarchies and R&D budgets. Attackers using advanced tools such as AI, automation, and machine learning will cut the end-to-end life cycle of an attack from weeks to days or even hours. Other technologies and capabilities are making known forms of attacks, such as ransomware and phishing, easier to mount and more common.

3.  The growing regulatory landscape and continued gaps in resources, knowledge, and talent mean that organizations must continually evolve and adapt their cybersecurity approach. Many organizations don’t have enough knowledge, talent, and expertise in cybersecurity. The shortfall is growing as regulators increase their monitoring of cybersecurity in corporations.

These are the three cybersecurity trends predicted for the next few years. Understanding them is necessary for organizations to stay ahead of the curve.


Regulators' roles towards cybersecurity

As high-profile cyberattacks catapult data security into the international spotlight, policymakers are paying increased attention to how organizations manage the public’s data. In the United States, the federal government and at least 45 states and Puerto Rico have introduced or considered more than 250 bills or resolutions that deal with cybersecurity. In Europe, the General Data Protection Regulation levies fines of up to 4% of global turnover against companies that fail to protect their customers’ data. Some of the most significant compromises of essential services or information in recent years have involved attacks against large US companies. In 2021, the FBI received the highest number of cybercrime complaints and reported total losses in history: nearly 850,000 complaints, reflecting more than $6.9 billion in losses. The new legislation will influence how companies report and disclose cybercrime and how they govern their efforts to fight it.

There are three steps an organization can take to help prepare for new regulations:

  • Readiness. Companies can increase their readiness for cyberattacks by double-checking their ability to detect and identify them and creating clear reporting processes. Existing processes should be tested and refined through simulation exercises.
  • Response. Companies can upgrade their response to cyberattacks by improving their ability to identify, contain, eradicate, and recover from them. They can, for example, establish crisis nerve centers, hire outside experts to cross-check their plans, and implement protocols to use alternative support and services during an attack.
  • Swift Remedy. In the aftermath of a crisis, companies can reflect on lessons learned and apply them to better strategies for greater resilience.

How cybersecurity technology and service providers can assist

Cyberattacks are on track to cause $10.5 trillion a year in damage by 2025. That’s a 300% increase from 2015 levels. To protect against the onslaught, organizations around the world spent around $150 billion on cybersecurity in 2021, and this sum is growing by 12.4% a year. But even that is probably not enough: threat volumes are predicted to rise in coming years. The gap between the current market and the total addressable market is huge; only 10% of the security solutions market has currently been penetrated. The total opportunity is a staggering $1.5 trillion to $2 trillion.

In light of present trends, cybersecurity providers can focus on four key areas:

Cloud technologies. For the foreseeable future, migration to the cloud will continue to dominate the technology strategies of many organizations. Providers should therefore be able to protect both general and specialized cloud configurations.

Pricing mechanisms. Most cyber solutions currently on the market are not aimed at small- to medium-sized businesses. Cybersecurity providers can capture this market by creating products tailored to it.

Artificial intelligence. There’s huge potential for innovative AI and machine learning in the cybersecurity space. But operators struggle to trust autonomous intelligent cyber defense platforms and products. Providers should instead develop AI and ML products that make human analysts more efficient.

Managed services. Demand for full-service offerings is set to rise by as much as 10% annually over the next three years. Providers should develop bundled offerings that include hot-button use cases. And they should focus on outcomes, not technology.


DANGER OF RANSOMWARE

Ransomware is malware that encrypts a victim’s data and holds it for ransom. In recent years, it has achieved a new level of sophistication, and demands for payment have rocketed into the tens of millions of dollars. The “smash and grab” operations of the past have morphed into a long game: hackers lurk undetected within their victims’ environments to find the most valuable information and data. And the situation is predicted only to worsen: the market research organization and Cybercrime Magazine publisher Cybersecurity Ventures estimates that the cost of ransomware could reach $265 billion by 2031. Here are some specific costs that companies have faced as a result of ransomware attacks:

  • Colonial Pipeline paid a $4.4 million ransom after the company shut down operations.
  • Global meat producer JBS paid $11 million.
  • Global insurance provider CNA Financial paid a reported $40 million.
  • A ransomware attack on US software provider Kaseya targeted its remote computer management tool and endangered up to 2,000 companies around the world.

These figures don’t include costs such as payments to third parties—for instance, law, public relations, and negotiation firms. Nor do they include the opportunity costs of having executives and specialized teams turn away from their day-to-day roles for weeks or months to deal with an attack or with the resulting lost revenues.

 

Organizations plan to mitigate future cyber threats

Cybersecurity managers ought to consider the following capabilities, which should be adjusted to the unique contexts of individual companies.

  • Zero-trust architecture (ZTA). In this security system design, all entities—inside and outside the organization’s computer network—are not trusted by default and must prove their trustworthiness. ZTA shifts the focus of cyber defense away from the static perimeters around physical networks and toward users, assets, and resources, thus mitigating the risk from decentralized data.
  • Behavioral analytics. These tools can monitor employee access requests or the health of devices and identify anomalous user behavior or device activity.
  • Elastic log monitoring for large data sets. Thanks to advances in big data and the Internet of Things (IoT), data sets are larger than ever. The sheer volume of data that must be monitored makes keeping track of who’s accessing it all the more challenging. Elastic log monitoring allows companies to pull log data from anywhere in the organization into a single location and then search, analyze, and visualize it in real-time.
  • Homomorphic encryption. This method allows users to work with encrypted data without first decrypting it, thus giving third parties and other collaborators safe access to large data sets.
  • Risk-based automation. As digitization levels increase, organizations can use automation to handle lower-risk and rote processes, freeing up other resources for higher-value activities.
  • Defensive AI and machine learning for cybersecurity. Since cyber attackers are adopting AI and machine learning, cybersecurity teams must scale up the same technologies. Organizations can use them to detect and fix non-compliant security systems.
  • Technical and organizational responses to ransomware. As the sophistication, frequency, and range of ransomware increase, organizations must keep up with it.
  • Secure software development. Companies should embed cybersecurity in the design of software from inception. Security and technology risk teams should engage with developers throughout each stage of development. Security teams should also adopt more systematic approaches to problems, including Agile and Kanban.
  • Infrastructure and security as code. Standardizing and codifying infrastructure and control-engineering processes can simplify the management of complex environments and increase a system’s resilience.
  • Software bill of materials. As compliance requirements grow, organizations can mitigate the administrative burden by formally detailing all components and supply chain relationships used in the software. This approach also helps ensure that security teams are prepared for regulatory inquiries.

An organization is only as good as its people, and its security is only as strong as its understanding of why security matters. MongoDB, a data platform development company, established a security champions program to help its employees make security a top priority. To raise awareness of security issues and create a robust security culture, MongoDB rebooted its security champions program during the pandemic. As of October 2022, the program had hosted more than 20 events, bringing employees together to learn about security through scenario planning and to participate in team-building activities, like capture the flag.

MongoDB’s goal is to have 10% of its employees participate in the security champions program. Participants vow to give it a few hours each week and then serve as security ambassadors to their teams and departments. The company’s leaders also see the program as a vehicle for training because it helps upskill employees, who can then take positions on the security and compliance teams. “This is great,” says MongoDB chief information security officer Lena Smart, “during a time when it is quite difficult to find skilled [cybersecurity] talent.”

Cybersecurity talent helps mitigate cyber risk

Technical controls and capabilities are, and will always be, necessary to secure the environment of any organization. But it will be even better positioned to reduce its exposure to cybersecurity risk if it adopts a new approach to hiring cybersecurity talent. That approach focuses on preplanning and understanding cybersecurity needs holistically. Hiring cybersecurity workers isn’t easy, especially given the global shortage of skilled ones: according to a 2022 study, there’s a cybersecurity workforce gap of 3.4 million. One way to tackle the problem is the talent-to-value protection approach. Using this approach, leaders define the roles that stand to reduce the most risk or create the most security value. Roles identified as priorities should be filled as soon as possible. This approach allows organizations to hire the right people at the right times, ensuring that spending on personnel is aligned with growth aspirations.

The following three steps implement talent-to-value protection:

1.  Identify the most important cybersecurity activities given the organization’s needs, as well as the most pressing risks that should be mitigated. These can be determined through risk modeling and ranking potential vulnerabilities by the degree of risk they pose.

2.  Define the priority roles that reduce risk most effectively.

3.  Build job descriptions for these priority roles and determine whether upskilling or hiring is the best way to fill each of them.

CYBERSECURITY TRENDS & STATISTICS FOR 2023 RELEVANT TO US

Every year we peruse emerging statistics and trends in cybersecurity and provide some perspective and analysis on the potential implications for industry and government from the data. While cybersecurity capabilities and awareness seem to be improving, unfortunately, the threat and sophistication of cyber-attacks are matching that progress. The emerging digital ecosystem is treacherous. In our current digital environment, every company is now a reachable target, and every company, large or small, has operations, brand, reputation, and revenue pipelines that are potentially at risk from a breach.

For 2023 and beyond, the focus needs to be on the cyber-attack surface and vectors to determine what can be done to mitigate threats and enhance resiliency and recovery. As the internet greatly expands in users, so do the threats. As the Metaverse comes more online, it will serve as a new vector for exploitation. Artificial intelligence and machine learning are great for research and analytics (e.g., ChatGPT); however, AI tools can also be used by hackers for advanced attacks. Deep fakes are already being deployed and bots are continuing to run rampant. The geopolitics of the Russian invasion of Ukraine has highlighted the vulnerabilities of critical infrastructure (CISA Shields Up) to nation-state threats, including more DDoS attacks on websites and infrastructure. Most ominous was the hacking of a Ukrainian satellite.

Here are some initial digital ecosystem statistics to consider. According to a Deloitte Center for Controllership poll: “During the past 12 months, 34.5% of polled executives report that their organizations' accounting and financial data were targeted by cyber adversaries. Within that group, 22% experienced at least one such cyber event and 12.5% experienced more than one.” And “nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations' accounting and financial data to increase in the year ahead. And yet just 20.3% of those polled say their organizations' accounting and finance teams work closely and consistently with their peers in cybersecurity.”

AI and ML Impacting the Cyber-Ecosystem in a Big Way in 2023 and Beyond

International Data Corporation (IDC) says AI in the cybersecurity market is growing at a CAGR of 23.6% and will reach a market value of $46.3 billion in 2027. AI and ML can be valuable tools to help us navigate the cybersecurity landscape. Specifically, they can be (and are being) used to help protect against increasingly sophisticated and malicious malware, ransomware, and social engineering attacks. AI’s capabilities in contextual reasoning can be used for synthesizing data and predicting threats. They enable predictive analytics to draw statistical inferences to mitigate threats with fewer resources. In a cybersecurity context, AI and ML can provide a faster means to identify new attacks, draw statistical inferences and push that information to endpoint security platforms. While AI and ML can be important tools for cyber-defense, they can also be a two-edged sword: they can be used to rapidly identify threat anomalies and enhance cyber defense capabilities, but they can also be used by threat actors. Adversarial nations and criminal hackers are already using AI and ML as tools to find and exploit vulnerabilities in threat detection models.

Cybercriminals are already using AI and machine learning tools to attack and explore victims’ networks. Small businesses, organizations, and especially healthcare institutions that cannot afford significant investments in defensive emerging cybersecurity tech such as AI are the most vulnerable. Extortion by hackers using ransomware and demanding payment in cryptocurrencies may become a more persistent and evolving threat. The growth of the Internet of Things will create many new targets for the bad guys to exploit. There is an urgency for both industry and government to understand the implications of the emerging, morphing cyber threat tools that include AI and ML and to fortify against attacks.

Three key applications of artificial intelligence for cybersecurity are network vulnerability surveillance and threat detection, incident diagnosis and response, and cyber threat intelligence reports.

Cybercrime is growing exponentially. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025. There are many factors for such growth, and some of them will be explored in more detail below.

Open-Source Vulnerabilities Found in 84% of Code Bases

It starts with open-source code. Unfortunately, according to Synopsys researchers, at least one open-source vulnerability was found in 84% of code bases. The vulnerability data was included in Synopsys' 2023 Open Source Security and Risk Analysis (OSSRA) report on 2022 data. Since most software applications rely on open-source code, this is still a significant cybersecurity issue to address. “Open source was in nearly everything we examined this year; it made up the majority of the code bases across industries,” the report said, adding that the code bases contained troublingly high numbers of known vulnerabilities that organizations had failed to patch, leaving them vulnerable to exploits. All code bases examined from companies in the aerospace, aviation, automotive, transportation, and logistics sectors contained some open-source code, with open-source code making up 73% of the total code.

As significant as the risks from open-source code are, they can be detected by penetration testing and addressed especially by patching. The report found that patches clearly are not being applied. It cited that “of the 1,481 code bases examined by the researchers that included risk assessments, 91% contained outdated versions of open-source components, which means an update or patch was available but had not been applied.”

One way that hackers take advantage of code vulnerabilities and open-source flaws is via zero-day exploits. Recently a ransomware gang used a new zero-day flaw to steal data on 1 million hospital patients. “Community Health Systems (CHS), one of the largest healthcare providers in the United States with close to 80 hospitals in 16 states, confirmed this week that criminal hackers accessed the personal and protected health information of up to 1 million patients. The Tennessee-based healthcare giant said in a filing with government regulators that the data breach stems from its use of a popular file-transfer software called GoAnywhere MFT.” Clop claims it mass-hacked 130 organizations, including a US hospital network. As a remedy to avoid vulnerability exploits and keep open-source code updated, the report suggested that organizations should use a Software Bill of Materials (SBOM). We agree: in addition to pen testing, SBOMs are an important way to map systems and organize them to be more cyber secure. An SBOM is basically a list of ingredients that make up software components and serves as a formal record containing the details and supply chain relationships of various components used in building the software.

SBOMs have specific use cases. They include transparency into software provenance and pedigrees, continuous security risk assessment, access control and sharing with customers (who can access and what data can be seen), threat intelligence data correlation, software composition license analysis and policy enforcement, software component end-of-life monitoring, supply chain risk management (SCRM) and supply chain screening, SBOM document repository and orchestration, and efficiency in data query and retrieval.

Clearly, SBOMs are a good path forward in discovering and correcting open-source vulnerabilities in code.
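An added example (not from the original article or the Synopsys report): a short Python audit of a constructed CycloneDX-style SBOM that flags components older than a fixed release and uses the recorded supply chain relationships to show which dependency pulls each one in. The application, component names, versions and advisory IDs are all made up for illustration.

```python
"""Flag outdated components in an SBOM and trace how each one is pulled in.

Constructed example: the SBOM, component names, advisory IDs and versions
below are made up. Field names follow the CycloneDX JSON layout.
"""
import json

# Constructed CycloneDX-style SBOM for a hypothetical application.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "metadata": {"component": {"bom-ref": "app", "name": "billing-portal", "version": "3.2.0"}},
  "components": [
    {"bom-ref": "web",  "name": "example-webframework", "version": "2.4.1"},
    {"bom-ref": "json", "name": "example-jsonlib",      "version": "1.9.0"},
    {"bom-ref": "tls",  "name": "example-tlslib",       "version": "3.0.7"},
    {"bom-ref": "log",  "name": "example-logger",       "version": "0.8.2"}
  ],
  "dependencies": [
    {"ref": "app",  "dependsOn": ["web", "log"]},
    {"ref": "web",  "dependsOn": ["json", "tls"]},
    {"ref": "json", "dependsOn": []},
    {"ref": "tls",  "dependsOn": []},
    {"ref": "log",  "dependsOn": ["json"]}
  ]
}
"""

# Constructed advisory feed: component name -> (placeholder id, first fixed version).
ADVISORIES = {
    "example-jsonlib": ("EXAMPLE-ADV-0001", "1.10.2"),
    "example-tlslib": ("EXAMPLE-ADV-0002", "3.0.7"),
}


def parse_version(text):
    """Turn '1.10.2' into (1, 10, 2) so that 1.9.0 sorts before 1.10.2."""
    return tuple(int(part) for part in text.split("."))


def paths_to(graph, root, target):
    """Return every dependency path from root to target (cycle-safe DFS)."""
    found, stack = [], [(root, [root])]
    while stack:
        node, path = stack.pop()
        if node == target:
            found.append(path)
            continue
        for child in graph.get(node, []):
            if child not in path:  # skip refs already on this path
                stack.append((child, path + [child]))
    return sorted(found)


def audit(sbom_text, advisories):
    """List components below their fixed version, with the paths that pull them in."""
    sbom = json.loads(sbom_text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    root = sbom["metadata"]["component"]
    names = {root["bom-ref"]: root["name"]}
    names.update({c["bom-ref"]: c["name"] for c in sbom["components"]})
    graph = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}

    findings = []
    for comp in sbom["components"]:
        advisory = advisories.get(comp["name"])
        if advisory is None:
            continue
        adv_id, fixed = advisory
        if parse_version(comp["version"]) >= parse_version(fixed):
            continue  # already at or past the fixed release
        routes = paths_to(graph, root["bom-ref"], comp["bom-ref"])
        findings.append({
            "component": comp["name"],
            "installed": comp["version"],
            "fixed_in": fixed,
            "advisory": adv_id,
            # A path of length 2 means the application depends on it directly.
            "direct": any(len(p) == 2 for p in routes),
            "pulled_in_via": [" > ".join(names.get(r, r) for r in p) for p in routes],
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SBOM_JSON, ADVISORIES):
        print(json.dumps(finding, indent=2))
```

The one finding is a transitive dependency that never appears in the application's own dependency list, which is the case an SBOM's relationship data exists to surface.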

Phishing Continues to be a Preferred Method of Hackers in 2023

Phishing is still the tool of choice for many hackers. Phishing is commonly defined as a technique of hackers to exfiltrate your valuable data or to spread malware. Anyone can be fooled by a targeted phish, especially when it appears to be coming as a personal email from someone higher up the work chain, or from a bank, organization, or website we may frequent.

Advances in technology have made it easier for hackers to phish. They can use readily available digital graphics, apply social engineering data, and draw on a vast array of phishing tools, including some automated by machine learning. Phishing is often accompanied by ransomware, and a tactic for hackers is to target leadership at companies or organizations (spear-phishing) because they usually have better access to valuable data and make ready targets because of a lack of training. According to the firm Lookout, the highest rate of mobile phishing in history was observed in 2022, with half of the mobile phone owners worldwide exposed to a phishing attack every quarter. The Lookout report was based on Lookout’s data analytics from over 210 million devices, 175 million apps, and four million URLs daily. The report noted that “non-email-based phishing attacks are also proliferating, with vishing (voice phishing), smishing (SMS phishing), and quishing (QR code phishing) increasing sevenfold in the second quarter of 2022,” and that “the damage can be colossal for businesses that fall victim to mobile phishing attacks: Lookout calculated that the potential annual financial impact of mobile phishing to an organization of 5000 employees is nearly $4m.”

The report also noted that “Cybercriminals mostly abused Microsoft's brand name in phishing attacks, with more than 30 million messages using its branding or mentioning products like Office or OneDrive. However, other companies were also frequently impersonated by cybercriminals, including Amazon (mentioned in 6.5 million attacks); DocuSign (3.5 million); Google (2.6 million); DHL (2 million); and Adobe (1.5 million).”

Ransomware and Phishing: the current state of cyber-affairs is an especially alarming one because ransomware attacks are growing not only in numbers but also in the financial and reputational costs to businesses and organizations. Currently, ransomware, mostly via phishing activities, is the top threat to both the public and private sectors. Ransomware allows hackers to hold computers and even entire networks hostage for electronic cash payments. In the recent case of Colonial Pipeline, a ransomware attack disrupted energy supplies across the east coast of the United States.

“In 2022, 76% of organizations were targeted by a ransomware attack, out of which 64% were actually infected. Only 50% of these organizations managed to retrieve their data after paying the ransom. Additionally, a little over 66% of respondents reported having had multiple, isolated infections.” Since most of us are now doing our work and personal errands on smartphones, this is alarming data. But there are remedies. Training employees to identify potential phishing emails is the first step in prevention, but many of the obvious clues, such as misspelled words and poor grammar, are no longer present. Fraudsters have grown more sophisticated, and employees need to keep up with the new paradigm. Human errors are inevitable, however, and some employees will make mistakes and accidentally fall victim to phishing. The backup system at that point should include automated systems that can silo employee access and reduce damage if a worker’s account is compromised. The best way is to establish and monitor administrative privileges for your company. You can limit employee access or require two [authentication] steps before they go there. A lot of companies will also outlaw certain sites that workers can’t go visit, so it makes it more difficult to get phished.

 

  

Business E-mail Compromise

Often done in coordination with phishing, business email compromise is still a serious cybersecurity issue. The research company Trellix determined that 78% of business email compromises (BEC) involved fake CEO emails using common CEO phrases, resulting in a 64% increase from Q3 to Q4 2022. Tactics included asking employees to confirm their direct phone number to execute a voice-phishing – or vishing – scheme. 82% were sent using free email services, meaning threat actors need no special infrastructure to execute their campaigns. “Seventy-five percent of organizations worldwide reported an attempted business email compromise (BEC) attack last year. While English remained the most common language employed, companies in a few non-English nations witnessed a higher volume of attacks in their own languages, including organizations in the Netherlands and Sweden, which reported a 92% jump in such attacks; in Spain, with a 92% jump; Germany, with an 86% increase; and France, with an 80% increase.” “Business Email Compromise (BEC) attacks are no longer limited to traditional email accounts. Attackers are finding new ways to conduct their schemes — and organizations need to be prepared to defend themselves. Attackers are leveraging a new scheme called Business Communication Compromise to take advantage of large global corporations, government agencies, and individuals. They are leveraging collaboration tools beyond email that include chat and mobile messaging — including popular cloud-based applications such as Slack, WhatsApp, LinkedIn, Facebook, Twitter and many more — to carry out attacks.” Business emails have been a top target of hackers. Accordingly, organizations need to create a corporate risk management strategy and vulnerability framework that identifies digital assets and data to be protected, including sensitive emails. Such a risk management strategy should be holistic and include people, processes, and technologies. This includes protecting and backing up email data and business enterprise systems such as financial systems, email exchange servers, HR, and procurement systems with new security tools (encryption, threat intel and detection, Identity Access Management, firewalls, etc.) and policies. That risk management approach must also include knowing your inventory and gaps, integrating cybersecurity hygiene practices, and procuring and orchestrating an appropriate cyber-tool stack.

Fraud is Trending Digital, Especially Identity Theft

Fraud has always been a societal problem, but it is being compounded by the expansion of criminals in the digital realm. The cost is rising as more people do their banking and buying online. Federal Trade Commission (FTC) data shows that consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30% over the previous year. Much of this fraud came from fake investing scams and imposter scams. Perhaps most alarming in this report was that there were over 1.1 million reports of identity theft received through the FTC’s IdentityTheft.gov website (source: “FTC reveals an alarming increase in scam activity, costing consumers billions”, Help Net Security).

The reason for the increased rate of identity fraud is clear. The more connected we become, the more visible and vulnerable we become to those who want to hack our accounts and steal our identities. The surface threat landscape has expanded exponentially with smartphones, wearables, and the Internet of Things. Moreover, those mobile devices, social media applications, laptops and notebooks are not easy to secure. There are no complete remedies to identity theft, but there are actions that can enable people and companies to help deter the threats. Below is a quick list of what you can do to help protect your accounts, privacy, and reputation:

1) Use strong passwords. Hackers are quite adept at guessing passwords, especially when they have insights into where you lived in the past (street names), birthdays, and favorite phrases. Changing your password regularly can also complicate their tasks.

2) Maintain a separate computer to do your financial transactions and use it for nothing else.

3) Consider using encryption software for valuable data that needs to be secured. Also, set up Virtual Private Networks for an added layer of security when using mobile smartphones.

4) Very important: monitor your credit scores, your bank statements, and your social accounts on a regular basis. LifeLock and other reputable monitoring organizations provide account alerts that are very helpful in that awareness quest. The quicker you detect fraud, the easier it is to handle the issues associated with identity theft.

5) If you get breached, especially if it is serious, contact enforcement authorities, as it might be part of a larger criminal enterprise that they should know about. In any severe breach circumstance, consider looking for legal assistance on liability issues with creditors. Also, consider hiring outside reputation management if necessary.

 

 

SD Worx pauses HR operations after cyberattack

Unleashed, SonicWall News: SonicWall warned recently that “new tactics are being developed with breathtaking speed. For the past two years, ransomware has been on a tear, increasing 62% year over year in 2020 and another 105% in 2021,” a 2023 SonicWall report said. “During this time, Ransomware-as-a-Service took off, compromised credentials became cheaper and more plentiful than ever, and the number of vulnerabilities continued hitting record highs.”

FBI warning: Don’t use public phone charging stations

San Francisco Examiner, SonicWall News: SonicWall warned recently that “new tactics are being developed with breathtaking speed. For the past two years, ransomware has been on a tear, increasing 62% year over year in 2020 and another 105% in 2021,” a 2023 SonicWall report said. “During this time, Ransomware-as-a-Service took off, compromised credentials became cheaper and more plentiful than ever, and the number of vulnerabilities continued hitting record highs.”

UAE residents can insure phones, other gadgets against cyberattacks, economic losses

Zawya (UAE), SonicWall News: According to the latest figures from cybersecurity leader SonicWall, the UAE recorded a 14% drop in total malware attacks in 2022, but the number of attacks in 2022 in the UAE (71 million) was more than the combined total in 2019 and 2020 (37.3 million and 19 million, respectively).

North Korea accelerates nuclear missile programme with ‘treasure sword’ — $1.7bn from crypto heists

DL News, SonicWall News: “As for individual crypto investors, they should be aware of the risks of having their assets in these exchanges,” said Chavoya. “North Korean crypto hacking is so important to the Kim regime that it is going to continue scaling despite tighter restrictions,” Chavoya said.

Hackers Are Cashing in With Hijacked IP Addresses

TechNewsWorld, SonicWall News: These apps are often promoted via referral programs, with many notable “influencers” promoting them for passive income opportunities, said Immanuel Chavoya, the senior manager of product security at SonicWall, a network firewall maker in Milpitas, Calif.

Behavior-Based Security Training to Stem Tide of Cybersecurity Breaches

American Security Today, SonicWall News: In the first half of 2022, SonicWall detected 270,228 never-before-seen malware variants. That’s an average of 1,500 new variants per day.

Silence gets you nowhere in a data breach

TechCrunch, SonicWall News: Attackers are increasingly targeting smaller businesses – as outlined in the 2023 SonicWall Cyber Threat Report — due to the fact they are seen as easier targets than large companies. This means that your startup is likely to get compromised at some point.

SonicWall CEO: Success will come from listening to partners

Microscope, SonicWall News: “I kind of flipped the sales team upside down to really make the team aligned with our partners,” he said. “Our partners are a force multiplier, one of our key differentiators. Not diminishing our product capabilities, but from the go-to-market standpoint, I really leaned into better aligning, and better listening to our channels where they were going with their businesses, requirements, needs and pain points.”

Malware attacks on IoT and cryptojacking are growing in 2022

Computer Weekly (Spain), SonicWall News: Despite the 21% drop in ransomware globally, 2022 was the second year with the highest number of attack attempts, with 493.3 million, according to SonicWall, which also reported a 2% increase in malware, 87% in IoT malware and 43% in cryptojacking.

DC Health Link Breach Exposes Private Information of Lawmakers

InformationWeek, SonicWall News: The healthcare industry is a popular target for breaches. Care providers and insurance companies safeguard valuable data. “Threat actors believe that healthcare providers and related organizations have no option but to pay the ransom, as restoring operations can mean the difference between life and death,” Immanuel Chavoya, threat detection and response strategist at cybersecurity company SonicWall, points out.

Ferrari in Italy targeted in cyber attack

MotorTrader, SonicWall News: In the UK, dealer groups Pendragon and Arnold have been targeted for cyber crime. According to the cyber security 2023 SonicWall Threat Report, the UK is the 2nd most attacked country in the world, after the US. It said ransomware attacks last year doubled.

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

Help Net Security, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of crypto jacking attacks (139.3 million), according to SonicWall.

US National Secrets Leaked by Air National Guardsman in Discord Server

A 21-year-old member of the Massachusetts Air National Guard has been identified as the person responsible for leaking classified government and military intelligence on a private Discord server. Attorney General Merrick Garland stated, “Today the Justice Department arrested Jack Douglas Teixeira in connection with an investigation into alleged unauthorized removal, retention and transmission of classified national defense information.” Teixeira originally leaked the documents solely to the private server, but the documents later appeared in several other Discord servers including a large Minecraft server with thousands of members. The intelligence included sensitive information about the war in Ukraine and much more. It was making the rounds on Discord for months before the proper authorities caught on. Teixeira will soon have his first court appearance in the U.S. District Court for the District of Massachusetts.


Microsoft Catches Israel-based Threat Group Selling Mobile Spyware

Threat intelligence researchers at Microsoft stated this week that a threat group they’ve been tracking as DEV-0196 is actually a Private-Sector Offensive Actor (PSOA) known as QuaDream. QuaDream, which is based in Israel, sells a malicious software suite called REIGN to governments around the world. REIGN consists of malware, exploits and a mobile data exfiltration tool. According to Dark Reading, the actions of the group have been in line with another Israel-based threat group known as NSO Group. NSO Group has been blacklisted for peddling the Pegasus iOS spyware to hostile governments. Oddly, QuaDream does not have a website, but they have allegedly been active since 2016. A winter 2022 report from Meta claimed QuaDream was performing tests to exfiltrate data from both Android and iOS devices. The software QuaDream is selling utilizes zero-click exploits, which can be difficult to protect against. The Microsoft researchers recommended following basic cyber hygiene practices to minimize risks.


Yum! Brands Discloses Data Breach

Fast food giant Yum! was the victim of a data breach in mid-January. The KFC, Pizza Hut and Taco Bell brand owner has started sending out notifications to some individuals whose personal information was stolen. The notifications disclosed that the names, driver’s license numbers and other ID numbers of some persons had been stolen by the attackers. According to Bleeping Computer, Yum! temporarily shut down approximately 300 restaurants in the United Kingdom as a result of the attack. No customer information was stolen during the attack. All of the stolen personal information belonged to employees of Yum! Brands. The total number of affected individuals is unknown at this time.


Russian Hacker Gang Linked to Espionage Effort

A Russia-linked hacker gang named Nobelium has been linked to attacks on foreign ministries and diplomatic entities in multiple NATO, European Union and African nations. The connection to Nobelium was made when Polish intelligence agencies noticed similarities between the group carrying out these attacks and the group that carried out a major attack on SolarWinds in 2020. The Polish agencies noted that Nobelium is using both new and old tools to carry out these attacks. Hacker News stated that the attacks typically begin with spear-phishing emails to diplomats disguised as invitations to meetings. If the victim opens the included booby-trapped PDF file, an HTML dropper is deployed and releases multiple previously unknown malware strains onto the victim’s device.


WordPress Hit by Balada Injector Malware Campaign

A malware campaign has infected more than a million WordPress websites with malware that redirects visitors to scam sites. The campaign was designed to deploy a malicious program called Balada Injector. The malware targets vulnerabilities in outdated plugins and themes, and it has been active on WordPress since 2017. Once the attackers successfully infiltrate a site, they insert malicious JavaScript code that redirects visitors to fake tech support sites, fake CAPTCHA pages, and more. Hacker News stated that the attacks usually come in waves once every few weeks. Researchers warned that the malware could expose visitors to more nefarious threats, such as identity theft and ransomware. All WordPress site owners have been advised to update their themes and plugins to the latest versions.

CONCLUSION

Security Leaders Must Pivot to a Human-Centric Focus to Establish an Effective Cybersecurity Program. Security and risk management (SRM) leaders must rethink their balance of investments across technology and human-centric elements when creating and implementing cybersecurity programs in line with nine top industry trends. A human-centered approach to cybersecurity is essential to reduce security failures. Focusing on people in control design and implementation, as well as through business communications and cybersecurity talent management, will help to improve business-risk decisions and cybersecurity staff retention. “To address cybersecurity risks and sustain an effective cybersecurity program, SRM leaders must be focused on three key domains: (i) the essential role of people for security program success and sustainability; (ii) technical security capabilities that provide greater visibility and responsiveness across the organization’s digital ecosystem; and (iii) restructuring the way the security function operates to enable agility without compromising security.”

