With ransomware attacks surging globally, awareness of cyber threats is at an all-time high. Now, insurance provider Allianz has released its annual Cyber Security Trends report, providing crucial insights businesses need to know.
The report highlights developments across the cyber landscape from early 2022 through mid-2023, touching on the ongoing evolution of threats like ransomware, the role of human error in enabling breaches, the need for rapid detection and response capabilities, and more.
In this blog, we'll summarise some of the top takeaways from the 31-page report. Key focus areas include the prevalence of supply chain attacks, the cybersecurity skills gap, the risks posed by mobile devices, and the importance of boosting employee security awareness.
Let’s get started.
Ransomware attacks surged 143% globally in early 2023, the report reveals.
These attacks are often successful because staff click on phishing links or fail to patch known software vulnerabilities.
Ongoing security awareness training is essential to avoid falling victim. Supply chain attacks, where hackers infiltrate vendor systems to steal customer data, are also increasing. Rigorous vendor risk assessments are crucial for managing your organisation’s level of risk.
Organisations are seeing more attacks aimed at mobile devices, according to Allianz. These endpoints often lack security controls, while employees commonly mix personal and corporate data on them. Implementing mobile device management policies helps secure these risky assets, and awareness should be raised among your team.
With limited cybersecurity professionals available, many companies cannot adequately staff security teams.
Allianz advises focusing on employee training programs to fill the skills gap. Partnering with managed security providers can also help strengthen defences.
Simple mistakes like misconfigured systems, inadequate system monitoring, and poor data management practices frequently contribute to breaches.
To reduce errors, organisations need proper cybersecurity awareness training, IT governance frameworks, internal auditing, and data retention policies.
Once attackers infiltrate systems, incidents often escalate rapidly into costly breaches. Allianz stresses early detection capabilities, like SIEMs and SOCs, are vital to spot intrusions quickly before major damage occurs.
Having an incident response plan, retaining specialist vendors, and conducting exercises also improves reaction time.
In short, while deploying robust technical controls remains important, continuously improving employee cybersecurity awareness and implementing governance procedures to avoid errors is fundamental.
Addressing the human element is key to reducing cyber risk. At Bob’s Business, that’s what we do.
Our NCSC-approved cybersecurity awareness training courses give your team the knowledge they need to protect your business, while our simulated phishing training gives your team hands-on experience in receiving and spotting phishing attacks.