Do you like to keep tabs on the cybersecurity threatscape? Then read this report. You will gain valuable insights into the current state of the never-ending war being fought on the front lines of cyberspace.
The Crypsis 2020 Incident Response & Data Breach Report covers ransomware, business email compromise, and data breaches with a foreword by General Michael Hayden. There are subsections detailing network intrusions, inadvertent disclosure, and insider threats.
The report was derived from over 1,000 engagements conducted by The Crypsis Group experts. It was developed to provide deep insights into real-world cybersecurity risks while offering detailed security “Pro Tips” in each risk area to help organizations defend against a wide range of threats.
In his foreword to the report, General Hayden, a retired four-star United States Air Force General, the former Director of the Central Intelligence Agency (CIA), and the former Director of the National Security Agency (NSA) commented about where the responsibility for security leadership rests. He said, “Cyber threats evolve at an alarming pace; and I believe that, in this case, the private sector — including the businesses that must employ security governance, policies, controls, and best practices, as well as the cybersecurity firms charged with assisting and advising them — must lead the way, arming themselves against the barrage of attacks. The government’s role should be to offer support and resources in the quest to better overall security.”
The report reveals that threat actors across a range of cyberattack types have significantly escalated tactical approaches. They are becoming more targeted, conducting victim research, and leveraging techniques that enable them to be more successful and extract higher-dollar payouts for their efforts.
Highlights of what is to be found in this report include:
- Requested ransom demands were up 200% in 2019
- Business email compromise (BEC) wire fraud losses averaged $264,117/incident
- Malicious insider threat investigations up 70%
- Healthcare and Financial Services sectors hardest hit
BEC threat actors are conducting lengthy research on victims to ensure a higher degree of success. Additionally, Insider Threats were a dark horse cyber risk of 2019. While nation-state and e-crime threat groups garner the headlines, insidious insiders were silently grabbing organizations’ sensitive data. In terms of motive, 57% of attacks were waged by employees looking to advance their careers and who were departing the victim organization, whether or not the organization was aware of the employee’s impending departure.
More than just a report, you’ll appreciate the “Act Now” and “Pro Tip” sections scattered throughout.
Steven Bowcut, CPP, PSP is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Facebook, Instagram, and LinkedIn.