Software and IT among the biggest sectors at risk for attack
CYREBRO, the developers of the first online, technology-agnostic Security Operations Center (SOC) Platform, unveiled research revealing that vulnerability exploitation was the top threat against SMBs in 2021. CYREBRO analyzed over 310 thousand alerts from its customers, of which 80 percent are SMBs across a wide array of industries.
Since the beginning of 2021, 40 percent of attacks that CYREBRO investigated were based on vulnerability exploits coming from sophisticated threat actors. Phishing accounted for five percent of all attacks while supply chain attacks represented only one percent. Enterprises were more at risk from supply chain attacks due to the higher number of tools, endpoints and individual users compared to SMBs.
Top iTechnology Cloud News: vArmour Joins SAP PartnerEdge Open Ecosystem
“Given how phishing dominates discussions within cybersecurity, it was surprising to find that vulnerability exploitation was the top attack risk in our research,” said CYREBRO CTOÂ Ori Arbel. “Last year ended with the exploitation of Log4j – one of the worst internet threats in the last decade – and it will likely besiege SMBs for years to come. Many small companies that operate with minimal security personnel don’t have a clear understanding of every program they use and the software components within each of those systems, making vulnerabilities a challenge to manage and effectively keep on top of.”
Software and IT sector companies were at the largest risk of attack, accounting for one in four threats, while companies within the financial/banking sector accounted for about one in five. Despite healthcare being one of the most sensitive sectors for enterprises, CYREBRO found only six percent of attacks were within this sector as most of their customers are SMBs.
Top iTechnology Analytics News: Planful Named a Leader in the Nucleus Research CPM Technology Value Matrix for Ninth Consecutive Year
CYREBRO’s report advises that it is critical for all SMBs to step up their cybersecurity efforts, and ensure that software vulnerabilities are fixed quickly with the latest updates implemented throughout the organization. Companies should also use known block lists to restrict dangerous sources in addition to using network intrusion protection systems, to detect malware attempts, and anti-virus/anti-malware solutions to detect known phishing campaigns and the associated malware.
CYREBRO collected data from over one million computer entities from the beginning of 2021, and analyzed the number of events, alerts, and cases it intercepted and investigated.
Top iTechnology IT and DevOps News: Itron Named a Visionary in the 2022 Gartner Magic Quadrant for Managed IoT Connectivity Services
[To share your insights with us, please write to sghosh@martechseries.com]