The National Cyber Threat Assessment 2023-2024 will help Canadians understand current cyber security trends, and how they are likely to evolve. The NCTA is especially helpful for Canadian decision-makers as the focus is on cyber threats most relevant to Canada.

2023 will most likely be just challenging as the previous few years, but I’m confident that the cybersecurity market has the right tools to deal with the constantly shifting cybercrime landscape and new/consolidated threats, whether we’re talking about supply chain attacks, ransomware, deepfakes or cyber espionage.

The purpose of this report is to share our view on how the threat landscape has evolved over the last twelve months, with a clear focus on our first-hand observations of threat actor tooling and behaviors. This report reviews changes in the ransomware landscape, and in the behavior of threat actors enabling ransomware groups with malware like loaders and stealers. It surveys significant activity by major government-sponsored threat groups. And it examines how threat actors move swiftly to exploit new vulnerabilities, and how they combine sophisticated with more basic techniques to evade detection by defenders once inside the network. The report concludes by examining how Taegis forms the backbone of this visibility.

This report summarizes the ever-changing TTPs leveraged to achieve Initial Access from security incidents thwarted by eSentire’s 24/7 SOC Analysts over a two-year period between April 2020 to April 2022. Experts from out TRU team have summarized an analysis of Initial Access trends and presented recommendations on how your organization can precent attackers from establishing initial footholds and deploying malware.

This first-of-its-kind report offers insight into how organizations are navigating the global cyber security threat landscape. Findings are drawn from extensive interviews with 1,350 business and IT leaders who make security decisions for organizations with at least 1,000 employees. Respondents were based in 13 countries across three regions and in 18 sectors - including financial services, healthcare and government.

Intel 471 reported 34 ransomware variants were used to conduct 722 attacks from October 2021 to December 2021, an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.

This report provides a strategic-level overview of threats identified impacting the U.K. and U.K. based businesses, including ransomware and initial access brokers (IABs). as well as common threat actors tactics, techniques and procedures (TTPs) observed.

In this Director Sentiment Monitor for Q4 2022, 41% of respondents told us their primary organization has experienced a cyber attack. Interestingly, 36% of respondents said their primary organization had cyber security as a standing item at all board meeting, while 27% said it was discussed quarterly. Among other findings, it is also encouraging that 81% of respondents said their primary organization has a cyber security response plan in place.

The cyber events of the past year included unprecedented supply chain attacks, assaults on critical infrastructure, and widespread vulnerabilities likely to haunt organizations for years. These events, among many others, are detailed in Blackberry 2022 Threat Report. However, reading the entire report can prove challenging for security professionals with little time to spare.

The 2023 Security Service Edge Adoption Report delivers insight on the shift away from legacy access solutions and the rapidly growing SSE market in light of the modern workplace.

RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. Events in which the impact was limited to data theft were excluded.

The global energy sector is facing a time of uncertainly due to a confluence of geopolitical, economic, and environmental factors. In tandem, the cyber threat landscape is growing increasingly complex, further complicating the picture for global energy suppliers. While governments and regulatory bodies urge the critical infrastructure sector to double down on cyber defense.

We identified 50 of the largest multi-party cyber incidents over the past several years in an effort to understand their causes and consequences from beginning to end. Tsunami draws from the same rigorous methodology in the rest of the IRIS series. We started with a huge dataset of cyber loss events, identified those that involved multiple organizations, and then researched each event to understand who was behind it, what happened, how the after effects propagated through the supply chain, and the financial losses for all parties involved.

In a year of new and evolving cyber risks, our community banded together to protect the global financial system and the people it serves. From the latest in phishing lures to nation-state threats, from new ransomware tactics to managing supply chain risk. we focused on arming our members with the intelligence and knowledge they need to keep our sector secure and resilient.

The past year, the VOID grew from 2,000 to nearly 10,000 incident reports from close to 600 organizations. We rigorously collect the same metadata, along with a new value: severity. This enabled us to investigate whether there is a relationship between the reported length of the incident and the impact (or severity) of the incident.

Our hope is the results of the survey report and our expert analysis helps you prepare for obtaining and renewing cyber insurance, with coverage and rates that accurately reflect your risk profile.

In our report, we investigate the cyberthreats that have been launched on the automotive industry in 2021 and 2022. We dig into the most prominent attacks, point out high-risk areas that could be targeted in the future, and give our security recommendations and predictions for 2023.

In 2022 the cybercriminal economy has increasingly transformed into an industry. Information technology companies have shifted too “as-a-service” offerings, and the cybercrime ecosystem has done the same. Access brokers, ransomware, information-stealing malware, malware delivery, and other elements of cybercrime operations have lowered barriers to entry for world-be cybercriminals.

This report, the Annual Report Trust Services Security Incidents 2021, analyzing root causes, statistics and trends. This report marks the sixth round of security incident reporting for the for the EU’s trust services sector. In this round of annual summary reporting a total of 27 EU countries and 3 EEA countries took part. They reported a total of 46 incidents.

Threats evolve, attackers constantly change their tactics, techniques and procedures, and defenders must adapt and stay relentless if they want to keep ip. This forecast aims to help they cyber security industry frame its fight against cyber adversaries in 2023.