IBM’s annual X-Force Threat Intelligence Index shows how cyber criminals took full advantage of global uncertainty in 2021, especially in the manufacturing industry

Today, IBM Security released the results of its annual X-Force Threat Intelligence Index. As cyber criminals become increasingly innovative in leveraging global uncertainty, more than ever companies and policy makers need to join forces to share threat intelligence, best practices and improve standardization and innovation to combat cyber threats.

 

By Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Transformation Services Software, IBM Security

 

In 2021 cybercriminals took full advantage of global uncertainty, a weakened supply chain and unpatched vulnerabilities to successfully infiltrate organizations across the globe and make their pay day. IBM’s X-Force Threat Intelligence Index identifies the biggest cyber threats in 2021, and how ransomware and vulnerability exploitations together were able to ‘lock-down’ businesses around the world.

Instead of chasing the money, cyber criminals now chase leverage, all through our supply chains. Last year, manufacturing surpassed the financial industry as the most attacked sector. Manufacturing faced the most attacks in Asia (32%), North America (27%), and Europe (26%), indicating the strategic shift in attackers’ targeting.

With nearly 1 in 2 attacks on manufacturing occurring due to unpatched vulnerabilities, and 2021 also witnessing a 50% increase in disclosed vulnerabilities in Industrial Control Systems, it’s is clear that cyber threats are a growing concern across all industrial sectors.

The Charter Of Trust, a global initiative of leading companies advancing cybersecurity, is calling for both industry and governments to work together and share know-how and best practices, but also to extend operational collaboration to government agencies and other public sector entities.

The need for bringing together the cybersecurity capabilities of public and private sector partners to enhance cyber resilience has never been greater.

Since its inception, the Charter Of Trust has been promoting multilateral efforts in regulation and standardization.

And the sense of urgency to create common security standards and enhance collaboration is growing.

In the European Union, for instance, there is a strong focus on building a cybersecurity ecosystem across the EU Member States, through the EU’s Cybersecurity Strategy for the Digital Decade.

In the US, President Biden’s Executive Order on “Improving the Nation’s Cybersecurity highlights the persistent cyber threat to the United States and calls on the government and private sector to partner to address these ever-evolving cyber threats through requirements on software supply chain security, threat information sharing, and enhanced cybersecurity standards.

But while governments are addressing cybersecurity measures, companies should not wait for regulation to take effect, but rather strengthen their partnerships with other private players as well as with governments. The Charter has always advocated for more joint public-private initiatives across the entire supply chain in various sectors, for a more collective and coordinated readiness to act on threats.

If there’s one thing the 2022 X-Force Threat Intelligence Index shows, it’s that it is essential that industries are prepared for cyber risks – and preparation requires access to information.

Whether in manufacturing, financial services, or the energy sector, cybercriminals are becoming increasingly more resilient, resourceful, and stealthy in their pursuit of businesses’ critical data. It’s paramount that we all recognize that public-private partnership and collaboration on threat sharing will be central to building a coordinated defense against these threats.

Read more about the global and regional results in the X-Force Threat Intelligence Index below:

You may also like

UK/EU Summit - “Risk to Resilience”
icon External Engagement

UK/EU Summit - “Risk to Resilience”

Detlef Houdeau, Senior Director, Business Development at Infineon Technologies was a speaker at the inaugural UK/EU Summit organized by our newest Associated Partners Shared Assessments.

💡Under the theme “Risk to Resilience” the first event of this series was held in London and brought together professionals from different industries and regions. Detlef participated in the panel about the complex regulatory landscape and emphasized that new legislation like the EU AI Act, DORA and Hashtag#NIS2 continue to push the standard of care on cybersecurity and other risks.

Thanks to Shared Assessments for organizing such an amazing event and inviting the Charter of Trust to participate in this high-class panel alongside Andrew Moyad, CEO at Shared Assessments.
October 08, 2024
36th Cyber Security Day: Working together for more resilience in the digital future
icon External Engagement

36th Cyber Security Day: Working together for more resilience in the digital future

Strong networks and effective cooperation are the key to successfully shaping the digital future in Germany. Cybersecurity is a team effort, and that was again visible last week at the 36th Cyber Security Day in Berlin.

🌐On 26 September 2024, the Bundesamt für Sicherheit in der Informationstechnik (BSI), Alliance for Cyber Security, and the DIHK invited experts, companies, authorities and political decision-makers to jointly strengthen Germany's cyber resilience.

The event was a great mix of policy debate, practical exchange, workshop and networking under the motto ‘Stronger Together: Greater Resilience through Cooperation’.

✨ One of the highlights of the day was the closing panel with Claudia Plattner, President of the BSI, Dr. Stefan Saatmann, Deputy Head Berlin Office at Siemens, Konstantin von Notz, Member of the Bundestag for B90/Greens, and Alexander von Gernler, German Informatics Society, interchanging ideas to foster resilience through collaboration. Initiatives like the CoT baseline requirements and its huge potential for international harmonizing cybersecurity regulations were discussed as well.

Let’s all work together so that closer cooperation between the BSI and businesses bring more tangible effects to increase digital resilience. Special thanks to Nils Hasenau for providing the excellent photos and also to Simon Ulmer and Ralf König for attending the event.
October 01, 2024
Nordic Cyber Summit 2024
icon External Engagement

Nordic Cyber Summit 2024

The Charter of Trust at the Nordic Cyber Summit
What a great opportunity for Morten Kromann, Head of Industrial Security Denmark at Siemens, to present the Charter of Trust perspective on cybersecurity regulations like Hashtag#NIS2 at the Nordic Cyber Summit in Copenhagen.

This year the summit was again a formidable event to engage with top cybersecurity experts, share insights, and discuss strategies to navigate the ever-evolving threat landscape in the Nordic region with the theme “Fortifying the Future: Building Cyber Resilience in a Transformed World”.

A main aspect highlighted by Morten was the discrepancies between the NIS2 directive’s incidents reporting timeframe and related provisions adopted in other legislations. These regulatory overlaps create difficult compliance environments for industry and costly operational pressures which add to the fragmentation of the market instead of harmonizing it. That is why the Charter of Trust emphasizes streamlining reporting requirements stemming from these different legislative frameworks and developing single entry points for reporting on the national level.

These and more points have been discussed during our Security-by-default Webinar on the 29th of October. See the events section on this website to find the recording of the webinar.
September 16, 2024