A Security Industry Report Worth Reading

Malwarebytes, a leading advanced endpoint protection and remediation solution provider, today announced the findings of its annual “State of Malware” report, and I think you should read it. Let me clarify. I think you should read it if you need to understand the current cyberthreat landscape. 

Here’s why.

As a journalist that covers cybersecurity, I see dozens of industry reports each year. Each looks at the issues important to security professionals from a unique perspective and through a deliberate lens. Vendors of security products and solutions have grown fond of using industry reports as a marketing tool. This practice seems almost duplicitous. Reading between the lines of these reports exposes the reports sponsors’ motive, and their purpose is, of course, to highlight those threats, vulnerabilities, and problems that can best be solved by their product. If your company makes hammers, you want everyone to notice all of the issues involving nails. I get that. 

While I find the practice of presenting marketing material under the guise of a report a little unsavory, it can, nonetheless, be quite useful. To the credit of security vendors generally, they clearly identify when they are the sponsor of these reports. As consumers of these reports, we all understand that there will be some bias that benefits the sponsor. We have mostly come to terms with the idea that if we want good quality content – reports or any other type of content – for free, we need to tolerate being fed some marketing ideas along the way. After all, somebody has to pay for the time and effort required to research and publish these reports. Really, this is no different than allowing ads to display when we opt to use a free version of a web application. 

As long as we understand who the sponsor is and what their biases are, we can be the beneficiary of useful information free of charge. We are only disappointed when we find that the report provided little valuable information and was heavy on the marketing information. 

All of that being said, the Malwarebytes Labs 2020 State of Malware Report is one of the few reports each year that provides useful information and little if any marketing. It tilts the scale way toward the side of offering value versus presenting marketing information. They can do this because their product offering protects against such a wide range of threats that they have no need to skew the data to favor their solutions. All they need us to do is be aware of the actual cyber threatscape. They seem confident that armed with accurate information, we will still see a need for their products. And, who knows, maybe our appreciation for the valuable information will paint them in a favorable light. It builds goodwill in the industry to give stuff away for free. 

If you are interested in cybersecurity and the threat landscape, you will read this report yourself, but let me provide a preview of what you can expect to see.

Notably, this year’s report shows Mac threats growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats. In addition, Malwarebytes saw cybercriminals continuing to focus on business targets with diversification of threat types and attack strategies in 2019.

The report discusses how Trojan-turned-botnets Emotet and TrickBot made a return in 2019 to target organizations alongside new ransomware families, such as Ryuk, Sodinokibi, and Phobos. In addition, a wave of new hack tools and registry key disablers made a splashy debut in Malwarebytes’ top detections, reflecting greater sophistication used by today’s business-focused attackers. 

This report is well written, easy to digest, and concise. A section of the report is dedicated to each of the following:

  • Windows threat landscape 2019
  • Mac threat landscape 2019
  • Android threat landscape 2019
  • Web threat landscape 2019
  • Regional threats 2019
  • Data privacy in 2019
  • 2020 cybersecurity predictions

The report includes an engaging executive summary, key takeaways, and an insightful conclusion.

The Malwarebytes Labs 2020 State of Malware Report is not the only worthwhile industry report, by far. Others dig deeper into a specific aspect of security, such as mobile threats or ransomware specifically. This Malwarebytes report provides a snapshot of the current condition of the struggle against cyber-adversaries. It looks hard at 2019 and makes comparisons against previous years to identify trends and make predictions. 
You can read a copy of the report here: 2020 State of Malware Report

Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.