New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves.
It’s every cybersecurity professionals’ worry; whether the security controls they’ve put in place will actually stop attacks.
But it’s actually quite easy to calm those fears by simply paying attention to industry data that paint a picture of what tactics and techniques threat actors are using and to ensure the appropriate controls are in place to stop such malicious activity.
According to Kroll’s Q2 2024 Threat Landscape Report, there are some unwavering truths that are becoming evident.
Going back three quarters, Kroll demonstrates through data that the following threat incident types (in descending order) are being experienced during cyber attacks: email compromise, ransomware, unauthorized access and web compromise.
Source: Kroll
Looking at the chart above, you can see how important having access to email is for threat actors. And even with the substantial increase in unauthorized access this year it appears that the threat actor “leopard” doesn’t change its’ spots.
It also makes it very clear that protecting email access with multi-factor authentication, strong passwords, and the use of security awareness training to help prevent successful social engineering attacks intent on stealing credentials are necessary to stop what appears to be an incident trend that isn’t going away anytime soon.
Originally posted on KnowBe4 by Stu Sjouwerman.
