How the threat landscape may drive cyber investment in 2023
Europe observed 35% of all incidents, with an 11% increase in attack numbers, witnessing 896 in 2022 as compared to 810 in 2021. It was potentially influenced by surges in activity associated with the Russia- Ukraine conflict in the first half of the year. The Industrial sector found itself the most heavily attacked in 2022, with most targeted sectors in 2022, with 804 victim organisations (32%), followed by Consumer Cyclicals with 487 (20%) and Technology with 263 (10%).
While this remains consistent with previous years, our Annual Threat Monitor Report called attention to a relative 10% surge in victim numbers for ‘consumer cyclical’ organisations, especially hotel and entertainment, specialty retailers, homebuilding and construction supply retailers, and financial services. Organisations in this sector, particularly those with large Operational Technology or Internet of Things (IoT) estates are likely to come under continued targeting. This will inevitably call upon decision makers within organisations to review their spend with the significant threats to their cyber security in mind. We know that cyber incidents of all shape and size will persist in 2023, and as we saw from last year, they are likely to evolve in type, techniques, motivations and influence. From ransomware to DDoS, to business e-mail compromise, threat actors are advancing attack types. These advances call for organisations to ensure their security stance reflects the risks they face, and evaluate cyber security spending budgets appropriately.
continued
10% surge in victim numbers for ‘consumer cyclical’ organisations
IR Cases by Sector (2022)
Sectors most heavily attacked in 2022
Government Activity
Industrials
Financials
32 %
Industrial 804 victims
Consumer Cyclicals
Looking ahead to 2023
Technology
Academic & Education Services
Energy
Consumer Cyclicals 487 victims
We expect bad actors to focus their attention on compromising supply chains, by passing multi factor authentication (MFA) and taking advantage of misconfigured API’s. The threat will persist and organisations must remain vigilant and understand how they could be exposed and take steps to mitigate any risk. Preparation is key, from having robust recovery processes in place, to being able to quickly and effectively deploy thorough incident response plans. This way, organisations can be ready to take on the ever-evolving cyber threat landscape.
20 %
Healthcare
Preparation is key This way, organisations can be ready to take on the ever-evolving cyber threat landscape.
Consumer Non-Cyclicals
Basic Materials Institutions, Associations & Organisations Real Estate Operations
10 %
Technology 263 victims
0% 2% 4% 6% 8% 10% 12% 14% 16% 18% 20%
Made with FlippingBook Online newsletter maker