With a steady increase in cyberattacks each year and a constantly evolving threat landscape, more organizations are turning their attention to building long-term cyber resilience: the ability of the workforce to adapt, respond, and recover from cybersecurity incidents, not merely the ability to detect and prevent them. To learn more about the state of cyber resilience, we surveyed senior security and risk leaders and found that cyber resilience indeed tops their list of strategic and spending priorities for organizations in 2023, driven largely by concerns about ransomware, supply chain and third-party attacks, and coding vulnerabilities.

The goal of this paper is to help decision-makers and entities who can protect systems from ransomware at scale, such as the security industry, governments, and policymakers, to form defensive strategies on how best to make an impact on the ransomware ecosystem. While this paper does not focus on hands-on technical defenses that an enterprise would look to for deployment, it does aim to provide decision-makers with methods for understanding the level of risk that an organization faces from this threat.

Our international survey explored the experience of ransomware attacks on organizations over the last 12 months. The findings show that almost three-quarters (73%) of respondents report being hit with at least one successful ransomware attack in 2022 — and 38% say they were hit twice or more.

Executives clearly recognize the danger. Almost three-quarters (74%) of 168 executives recently surveyed by Harvard Business Review Analytic Services regard cyber risk as one of the top-three risks their company faces today, and 67% predict it will be a top three risk two years for now. Only half of respondents, however, say they are successful or very successful at generating insights and enabling informed decisions on cyber risk and at anticipating, preparing for, and responding to future cyber incidents.

The industrial cyber threat landscape is constantly changing with new adversaries, vulnerabilities, and attacks that put operations and safety at risk. The 6th annual Dragos Year in Review summarizes what you need to know about your threats and benchmark your OT cybersecurity posture.

Dragos is excited to present the fifth year of the annual Dragos Year In Review report on Industrial Control System (ICS)/Operational Technology (OT) cyber threats, vulnerabilities, assessments, and incident response observations. This report captures how a portion of the industrial community is performing and progressing, and highlights the areas that need improvement to provide safe, reliable operations into 2022 and beyond.

This report, based on VMware’s experience with a diverse customer base, offers a comprehensive look at Linux-based malware threats to multi-cloud environments. It highlights the unique characteristics of this class of threats and provides guidance on how combining endpoint detection and response (EDR) and network detection and response (NDR) solutions can help organizations stay ahead of the threats Linux-based malware poses.

In this year’s survey, more than 80% of respondents say they are “very” or “extremely” concerned about the threat of ransomware, yet a similar number (78%) of organizations surveyed also believe they are “very” or “extremely” prepared to thwart a breach. Despite those concerns and feelings of preparedness, half of the organizations surveyed still fell victim to ransomware last year.

Cyberattacks continue to grow in quantity and sophistication at the same time that organizations’ systems become increasingly complex. Security teams, as always, feel the stress. But a surprising outcome of our 2023 State of Security research is that the number of respondents who say they just can’t keep up has shrunk. Whether this data represents incremental improvement or a onetime windfall, organizations should press any advantage. Which won’t be easy: Most security teams tell us they’re too stuck in reactive mode to be effectively proactive.

This report, the result of a collective effort of Black Kite Researchers, focuses on what has changed in 2022, for better or for worse, compared to 2021. It highlights some of the lessons of past years and those still being learned within the changing cyber landscape. For this study, Black Kite Research analyzed 63 individual third party incidents, which ultimately resulted in more than 298 publicly-disclosed headline breaches and data leaks during the past year. These events inevitably caused thousands of other ripple-effect breaches throughout 2022. The report finalizes the lessons learned and relevant recommendations for the future.

In this third volume of the Security Outcomes Report, we break security resilience down into digestible and actionable insights. (Because we’re sure you have enough on your plate without having to crack the code to resilience on your own.) No one report can cover all there is to know about such a colossal subject matter; but we’ve surfaced some highlights for you to consider when building and refining your cybersecurity strategy for the road ahead.

This report explores the critical distinctions between natural and cyber catastrophes, why cyber requires an entirely different approach, and how Active Insurance can mitigate cyber risk. We also provide an in-depth look at how we construct our model and explain why Coalition remains confident that cyber risk is insurable and that cyber insurance can play an essential role in the modern economy.

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

MSPs have unique cybersecurity challenges to secure their businesses and customers. The “2023 MSP Threat Report” addresses these challenges specifically, using threat intelligence, insights, and predictions from the ConnectWise Cyber Research Unit (CRU). The report covers the following: Major MSP-focus hacks in 2022, emerging and continuing cyberattack trends, top ransomware methods of threat actors, and action items for MSPs in 2023.

This white paper breaks down existing methods of preventative cyber security and deep dives into Darktrace PREVENT: a product family that combines many of the best aspects of existing methods in an end-to-end, AI-powered solution.

This report will focus on dark markets and cross-chain bridges. We continue looking at the trends, current events, hacks, thefts, exploits, and global regulatory developments. Our goal, as always, is to keep you informed and to highlight emerging and ongoing trends to give you the best possible information to keep your business running smoothly.

In the 2023 Unit 42 Ransomware Threat Report explores recent incident response cases, as well as our threat intelligence analysts’ assessment of the larger threat landscape. It also offers predictions for how we believe threat actors will use ransomware and extortion tactics going forward. As of late 2022, threat actors engaged in data theft in about 70% of cases on average, Compare this to mid-2021, and we saw data theft in only about 40$ of cases on average. Threat actors often threaten to leak stolen data on dark web leak sites, which are increasingly a key component of their efforts to extort organizations.

Everstream’s proprietary risk scoring model incorporates historic, present, and future risk across more than 20 major categories. Using human and artificial intelligence, we predict overall risk exposure, probability, severity, and relevance for our individual clients and end users. Every day Everstream identifies relevant events that help our clients avoid disruption, including these from 2022.

The Evolution of DDoS: Return of the Hacktivists is a joint report by FS-ISAC and Akamai to educate our community on the new and evolving threat of DDoS, the business risks it poses, and best practices on mitigation for the sector to better combat these attacks.

In the new Cybereason survey, 1,203 cybersecurity professionals from eight countries and a dozen industries were asking to describe the challenges currently faced by their SOCs and how they impact their plans for modernization. Nearly half of the respondents (49%) said ransomware is the most common incident type they deal with daily, followed closely by supply chain attacks (46%). Thirty-seven percent said daily alerts consumed most of their time, and 31% identified targeted attacks as a top daily concern.

The focus on resilience is changing the role of security leaders in their organizations. These discussions vary based on many factors, most notably the maturity level of the organization. Long-established legacy orgs have a harder time adopting a new approach, be it A-driven automation, a zero trust framework or DevSecOps practices, while fresh-face startups may have never done it any other way.