The biggest shift the IBM X-Force team observed in 2023 was a pronounced surge in cyberthreats targeting identities. Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns. Lack of identity protections was corroborated by IBM X-Force penetration testing data for 2023, which ranked identification and authentication failures as the second most common finding.

With this report, we want to promote open sharing on cyber threats and incidents and give the industry a public and relevant cyber threat picture anchored on a solid, well-documented basis. The report and knowledge base are the product of a collaborative community effort with our members and the Nordic TIBER Cyber Teams (TCTs) at the centre, with contributions from Nordic government entities.

Cyberattacks increased two or threefold across nearly every tracked metric in 2023, as cybercriminals continued to ramp up and diversify their attacks. To give the world’s defenders the actionable threat intelligence needed to safeguard against this relentless surge in cybercrime, we’ve compiled our research into the 2024 SonicWall Cyber Threat Report.

The Workplace Identity Security Trends and Challenges report investigates the identity security landscape and challenges facing organizations today. The research finds that many struggle to build an integrated and comprehensive identity security strategy, relying on disconnected tools and practices that create inefficiencies and leave organizations seriously vulnerable to attacks and breaches.

Our respondents were asked to open up about the challenges they’ve faced while securing their digital enterprises over the past year. We are at a critical juncture in digital transformation. The distributed workforce is now the norm, and companies must support remote productivity of which cloud will play a key role. This requires leaders to plan security for hybrid infrastructure – a distinct departure from the inherited on-premises strategies of most organizations. That’s why there is a lot to learn from this year’s temperature check on the industry.

This report aims, simply, to help you build a proactive defense that anticipates and thwarts tomorrow’s threats. So, for the second year running we rallied the community for the largest predictions survey the cybersecurity awareness community has seen. We’ve harnessed their expertise, experience, and frontline intel.

This report is broken into four different threat types: identity, cloud, computer-based, and phishing. Keep in mind, though, that these threats are tightly related. Compromise of user identities can occur through phishing and can impact an organization’s cloud assets and endpoints, or malicious activity on an endpoint may be indicative of an exploited vulnerability. We’ll highlight that interconnectivity throughout.

The world of cybercrime never stands still. In the new Cyber Threat Report – Edition 2021/22 – the IT experts from Hornet security once again take a close look at the gateway of email communication and analyze the latest cybercriminal scams. In doing so, they examine what threats have emerged in 2021, what has become of Emotet, and what companies need to be prepared for when opening their inboxes in the future.

By leveraging its huge user dataset, Hornet security is uniquely positioned to conduct a detailed examination of email-based threats and distill this into important insights for IT security professionals. Email continues to be an essential communication channel. However, in our analysis of more than 45 billion emails, 36.4% are categorized as “unwanted.” 96.4% of unwanted emails are spam or rejected outright due to external indicators, and just over 3.6% were flagged as malicious.

The Cyber Security Report (formerly Cyber Threat Report) is an annual analysis of the current cyber threat landscape based on real-world data collected and studied by Hornet security’s dedicated Security Lab team. Hornet security processes more than two billion emails every month. By analyzing the threats identified in these communications, combined with a detailed knowledge of the wider threat landscape, the Security Lab reveals major trends and can make informed projections for the future of Microsoft 365 security threats, enabling businesses to act accordingly. Those findings and data are contained within this report.

The 2024 Global Cybersecurity Outlook (GCO) finds that organizations that maintain minimum viable cyber resilience – that is, a healthy middle grouping of organizations – are disappearing. Organizations reporting such a minimum viable cyber resilience are down 31% since 2022.

The 5th edition of Wipro’s State of Cybersecurity Report (SOCR) offers a perspective and framework to help enterprises achieve cyber resilience. You will find a wealth of data and actionable insights covering attacks, breaches and law, along with the state of business cyber capabilities across geographies and industry sectors, plus future trends.

The Hiscox Cyber Readiness Report 2021 reveals that US firms are a global leader in cyber readiness, with more classified as ’cyber experts,’ (25%) compared to other countries. But there is still work to be done when it when it comes to dealing with ransomware and phishing emails, as US businesses are the most likely to pay a ransom. In this year’s report, we saw a disparity when it came to the level of cyber expertise US businesses have versus the actions they take when an attack actually occurs.

The Hiscox Cyber Readiness Report 2023 reveals that small business owners are getting smarter, but so are cyber criminals. Although 63% of small businesses in the US are cyber intermediates and 4% are cyber experts, almost half (41%) experienced at least one cyber-attack during the past year. The report surveyed over 5,000 professionals responsible for their company’s cyber security strategy from the US, UK, France, Germany, Spain, Belgium, Republic of Ireland, and The Netherlands, including more than 500 US small business professionals.

In this report, CybSafe and The National Security Alliance surveyed over 6,000 people across the United States, Canada, the United Kingdom, Germany, France, and New Zealand to get a better understanding of the security behaviors and attitudes. They asked the people about their knowledge of cybersecurity risks, their security best practices, and challenges they face in staying safe online. Cybercriminals know if they want to target an organization, they need to target its people. They believe this report will help organizations to better protect themselves and their people.

The BlackBerry Global Threat Intelligence Report has become a key reference guide for cybersecurity professionals worldwide, including CISOs and other decision makers, to keep the security community informed of the latest cybersecurity threats and challenges globally affecting their industries and platforms. This report covers threats encountered in June 2023 through August 2023. It examines the challenges faced by many industry sectors, with a focus on protecting government and public entities, risks within the healthcare sectors, safeguarding critical infrastructure, and the importance of protecting vulnerable entities within the financial sector.

The report presents the findings of the analysis of statistical data obtained using the Kaspersky Security Network (KSN) distributed antivirus network. The data was received from those KSN users who gave their voluntary consent to have data anonymously transferred from their computers and processed for the purpose described in the KSN Agreement for the Kaspersky product installed on their computer.

This is the third edition of ThreatQuotient’s annual survey of senior cybersecurity professionals, exploring the topic of cybersecurity automation adoption. Read this report to understand how CISOs and senior cybersecurity professionals are handling the incorporation of cybersecurity automation into their strategies to protect the complex, extended enterprise – and their analyst teams – from the pressures of escalating cyber threats.

The purpose of this report is to assess and summarize the current threat landscape facing organizations as a result of the digital identities that they issue to legitimate users. We called this report “The Unpatchables” because digital identities represent a source of technical risk that is impossible to completely mitigate even in theory.

This report covers the threat landscape, as encountered by our sensors and analysts in the first half of 2023. General malware data presented in the report is gathered from January–May of this year, and reflects threats targeting endpoints that we observed in these months. The report represents a global outlook and is based on over 1,000,000 unique endpoints distributed around the world. Most of the statistics discussed focus on threats for Windows operating systems, as these are much more prevalent then those targeting macOS and Linux.

In this study on general phishing awareness, over 9,000 simulated phishing emails were sent to users who signed up in 2022. Participants were sent three simulated attacks over the course of a week- all classified as moderate in terms of complexity. The users had to identify these emails. If they clicked, they were forwarded to contextual learning resources.