Alert Logic just released the 2018 Critical Watch Report. It contains several interesting facts and findings related to the current state of cloud security and trends in cybersecurity and one very important takeaway that every organization should be aware of.
Critical Watch Report
The Critical Watch Report is the result of research based on data from Alert Logic’s customer base of more than 4,000 organizations around the world. The data analyzed covers a 455-day period from April 1, 2017 through June 30, 2018. Alert Logic cybersecurity experts analyzed more a billion security anomalies and more than 7 million events, which resulted in over 250,000 verified security incidents over that timeframe.
The five key insights from the Critical Watch Report are:
1. The initial phases of the cyber killchain are merging to accelerate targeted attacks
2. Industry and size are no longer reliable predictors of threat risk
3. Attack automation and “spray and pray” techniques are aiming at everything with an IP address
4. Cryptojacking is now rampant
5. Web applications remain the primary point of initial attack
Size Doesn’t Matter
One of the most important insights from the Critical Watch Report is related to how the threat landscape continues to evolve and shift over time. In and of itself, that isn’t new. What makes it notable in this case is that Alert Logic found that the industry a company works in or the size of the company is no longer a reliable predictor of risk.
The cybersecurity report explains, “For many years, organizations in industries with fewer customers and more limited use of sensitive data were at a lower threat risk. The same was true for organizations of a smaller size (e.g. revenue, number of employees). With attackers’ increased access to hacking tools, the ever-expanding library of known vulnerabilities, greater use of cloud-based resources, and more systems and applications that are accessible via the Internet, this relative safety has evaporated.”
Web Applications are the Primary Target
Attacks vary in scope and impact for some industries as a result of the types of data they store and the various cybersecurity compliance mandates that govern them, but web application attacks are clearly and consistently dominant across all industries. Web application attacks account for roughly two thirds or more of all attacks for every industry Alert Logic analyzed—up to as high as 85 percent for the Retail, Hospitality and Accommodation sector.
Here are the numbers for web application attack percentage by industry:
- Education, State, Local & Federal Government— 74%
- Financial Services and Insurance— 71%
- Health Services— 66%
- Information Technology and Services— 77%
- Media Communication and Entertainment— 80%
- Not for Profit Organizations— 82%
- Production, Manufacturing, and Logistics— 65%
- Retail, Hospitality, and Accommodation— 85%
Improve Your Security Posture and Reduce Your Risk
You will find much more detail on these insights in the Critical Watch Report, as well as more information on the additional findings and insights. It’s not all bad news, though. The Critical Watch Report also contains expert guidance to help you improve your security posture and reduce your risk.
The purpose of conducting research like this and the benefit of publishing the Critical Watch Report is to identify trends and emerging threats and provide tools, tips, and actionable information you can use to better defend your servers, applications, data, and workloads whether you have an on-premise data center, a cloud environment, or a hybrid environment.
Attackers will continue to adapt and evolve. The threat landscape will continue to shift. New exploits and malware will be developed. The important thing is for you to stay informed of trends and emerging threats so you can proactively take the steps necessary to adapt and evolve your security posture right along with them.