By Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Transformation Services Software, IBM Security
Cyber threat actors thrived from geopolitical and human upheaval in 2022. IBM Security’s annual X-Force Threat Intelligence Index 2023, published on 22nd February, sheds light on their ever-changing tactics and impact. By better understanding the impact of cyber incidents, organisations like the Charter Of Trust can better share cyber threat insights and best-practices, allowing commercial and governmental victim organisations to better prepare.
The year 2022 was another tumultuous one for cybersecurity. While there was no shortage of contributing events, among the most significant were the continuing effects of the pandemic and the eruption of the military conflict in Ukraine. Disruption made 2022 a year of economic, geopolitical and human upheaval and cost—creating exactly the kind of chaos in which cybercriminals thrive. And thrive they did.
IBM’s annual X-Force Threat Intelligence Index , released yesterday, analyses global cyber risks and incident impacts across different sectors and regions. It provides a comprehensive look at the tactics and techniques used by threat actors, as well as the intended impact on targeted organisations observed by X-Force in 2022.
A few of the report’s key findings:
- More Backdoors, More (Ransomware) Problems. Representing 21% of cases, backdoor deployments were the most common action observed in incidents in 2022; knocking out ransomware, which held the top spot since at least 2020.
- Extortion: Threat Actors Go-To Impact.More than one quarter of all incidents involved extortion – making it the top impact on businesses in 2022. Cybercriminals are adopting techniques with high psychological impact to force victims to pay, and often target the most vulnerable industries, businesses and regions. Manufacturing was the most extorted industry in 2022 – accounting for 30% of incidents involving extortion – it was also the most attacked industry for the second year in a row. Manufacturing organisations are an attractive target for extortion, given the extremely low tolerance for down time.
- Phishers “Give Up” on Credit Card Data. The number of phishing kits targeting credit card information dropped 52% last year – phishers are prioritizing personally identifiable information, which can be sold on the dark web for a higher price or used to conduct further operations.;
With information on how cyber threats impact victim organisation, those organisations can use that information to plan responses to potential future incidents more effectively. Such insights are also relevant for governments around the globe seeking to improve existing cyber regulations.
The 2023 X-Force Threat Intelligence Index provides proof that threat actors are changing their methods and it provides insights into how organisations can prepare by offering workable recommendations.
One thing is clear: we need to share such knowledge and best-practices to ensure our cyber preparedness is aligned with the evolutions of cybercrime.
Organisations like the Charter Of Trust serve the same purpose: to work together, share information and ensure more operational collaboration between both government agencies and industry, but also between commercial entities themselves.
I believe informative reports, like the X-Force Threat Intelligence Index, are important steps to facilitate such collaboration and make the digital world a safer place—which is a global priority, now more than ever.
Read more about the results in the X-Force Threat Intelligence Index.
PREVIOUS POST
Wilton Park G7 workshop
NEXT POST
Chairwoman Natalia Oropeza in Brandeins Magazine
You may also like
External Engagement
Chairwoman Natalia Oropeza in Brandeins Magazine
We're thrilled to announce that our Charter of Trust Chairwoman Natalia Oropeza has been featured in the annual IT edition of the brand eins magazine!
In an interview with Dorit Kowitz, Natalia dives deep into the pressing issues facing the cybersecurity landscape, explaining how the Charter of Trust bundles the expertise of different businesses across several regions to stay resilient in the face of evolving threats. As Natalia Oropeza says: "We all win if cybercrime doesn’t win."
Here are three key insights from her interview:
🔑 Collaboration is essential: No single organization can tackle cyber threats alone. The Charter of Trust is a prime example that businesses nowadays are more transparent when it comes to attacks and that sharing information in this field can be beneficial.
🔑 Addressing the digital skills gap: The Charter of Trust is working to address the global shortage of cybersecurity professionals by encouraging diversity and actively promoting opportunities for women to join the field.
🔑 Unified regulations: Harmonizing global cybersecurity standards will reduce vulnerabilities, helping businesses and governments combat threats more effectively.
The full interview is available here: https://lnkd.in/gRm6ZDGC
In an interview with Dorit Kowitz, Natalia dives deep into the pressing issues facing the cybersecurity landscape, explaining how the Charter of Trust bundles the expertise of different businesses across several regions to stay resilient in the face of evolving threats. As Natalia Oropeza says: "We all win if cybercrime doesn’t win."
Here are three key insights from her interview:
🔑 Collaboration is essential: No single organization can tackle cyber threats alone. The Charter of Trust is a prime example that businesses nowadays are more transparent when it comes to attacks and that sharing information in this field can be beneficial.
🔑 Addressing the digital skills gap: The Charter of Trust is working to address the global shortage of cybersecurity professionals by encouraging diversity and actively promoting opportunities for women to join the field.
🔑 Unified regulations: Harmonizing global cybersecurity standards will reduce vulnerabilities, helping businesses and governments combat threats more effectively.
The full interview is available here: https://lnkd.in/gRm6ZDGC
Read more
October 19, 2024
•
External Engagement
Cybersecurity Awareness Month
We are in the middle of Hashtag#CyberSecurityAwarnessMonth and many of our Charter of Trust Partners are promoting it with great initiatives. One of the programs that we want to highlight is last week’s panel organized by Allianz talking about “Security in light of (gen)AI”.
The complexity and urgency of this topic gathered a lot of interest, with 600+ attendees throughout the whole panel, which was composed of Jon-Paul Jones, COO at AZ Commercial, Firas Ben Hassan, GenAI expert & Manager of AllianzGPT at AZ Technology, Dr. Martin J. Krämer, External Security Awareness Advocate at KnowBe4, and Dr Sumit Chanda, Global CISO at Eviden & Chair of the Global External Engagement Working Group at the Charter of Trust.
We are pleased to see Dr. Sumit Chanda from Eviden bringing in his unique CISO insight on what these emerging technologies mean in day-to-day cybersecurity practices and bringing in the Charter of Trust perspective on this topic as well.
Thank you, Ervin Cihan and Haydn Griffiths for inviting other CoT Partners and for the great initiatives that Allianz is putting together within this year’s Security Awareness Month. And special thanks to Heather Armond for the great moderation.
The complexity and urgency of this topic gathered a lot of interest, with 600+ attendees throughout the whole panel, which was composed of Jon-Paul Jones, COO at AZ Commercial, Firas Ben Hassan, GenAI expert & Manager of AllianzGPT at AZ Technology, Dr. Martin J. Krämer, External Security Awareness Advocate at KnowBe4, and Dr Sumit Chanda, Global CISO at Eviden & Chair of the Global External Engagement Working Group at the Charter of Trust.
We are pleased to see Dr. Sumit Chanda from Eviden bringing in his unique CISO insight on what these emerging technologies mean in day-to-day cybersecurity practices and bringing in the Charter of Trust perspective on this topic as well.
Thank you, Ervin Cihan and Haydn Griffiths for inviting other CoT Partners and for the great initiatives that Allianz is putting together within this year’s Security Awareness Month. And special thanks to Heather Armond for the great moderation.
Read more
October 15, 2024
•
External Engagement
UK/EU Summit - “Risk to Resilience”
Detlef Houdeau, Senior Director, Business Development at Infineon Technologies was a speaker at the inaugural UK/EU Summit organized by our newest Associated Partners Shared Assessments.
💡Under the theme “Risk to Resilience” the first event of this series was held in London and brought together professionals from different industries and regions. Detlef participated in the panel about the complex regulatory landscape and emphasized that new legislation like the EU AI Act, DORA and Hashtag#NIS2 continue to push the standard of care on cybersecurity and other risks.
Thanks to Shared Assessments for organizing such an amazing event and inviting the Charter of Trust to participate in this high-class panel alongside Andrew Moyad, CEO at Shared Assessments.
💡Under the theme “Risk to Resilience” the first event of this series was held in London and brought together professionals from different industries and regions. Detlef participated in the panel about the complex regulatory landscape and emphasized that new legislation like the EU AI Act, DORA and Hashtag#NIS2 continue to push the standard of care on cybersecurity and other risks.
Thanks to Shared Assessments for organizing such an amazing event and inviting the Charter of Trust to participate in this high-class panel alongside Andrew Moyad, CEO at Shared Assessments.
Read more
October 08, 2024
•
