70% of the top reported cyberattacks in the past 12 months were either ransomware or business email compromise (BEC), according to a recent Palo Alto Networks report.
Among the reported cases, software vulnerabilities accounted for nearly half of all breaches, highlighting a need for better patch management strategies, password managers and cybersecurity training.
We already know that cybersecurity is a top concern for businesses across the US, but with phishing attacks on the rise and high-profile attacks seeing no end, there's a lot we can learn to keep our businesses safe. Here's everything you need to know.
Incident Response Report 2022: Biggest Findings
The annual report conducted by global cybersecurity experts, Palo Alto Networks, analyzed more than 600 incident response cases in the last 12 months to expose the most common cybersecurity patterns, trends and biggest vulnerabilities. Here are our key takeaways:
- 70% of incident response cases were ransomware and business email compromise
- 77% were caused by phishing, software vulnerabilities and poor password security (brute-force attack)
- Known software vulnerabilities accounted for nearly half of all cases reported
- 50% of organizations targeted lacked multifactor authentication on core internet-facing systems such as corporate webmail, remote access solutions and secure VPNs
- Poor patch management procedures contributed to 28% of cases
Top 7 Industries Targeted by Cyberattacks
According to the report, the top industries affected were finance, healthcare, professional and legal services, manufacturing, tech, and wholesale and retail.
These industries accounted for over 60% of our cases. Organizations within these industries store, transmit and process high volumes of monetizable sensitive information that attracts threat actors.
Attackers, it said, are particularly “opportunistic” and will scan the internet in search of systems where they might leverage specific vulnerabilities, making businesses with weaker internet-facing defenses all the more vulnerable.
How to Protect Your Business From Cyberattacks
The best way to protect your business from cyberattacks is by investing in good cybersecurity training. With brute-force attacks one of the biggest causes of system vulnerabilities, strict password practices and guidelines are key to minimizing risks.
As the Incident Response Report suggests, secure VPNs, multi-factor authentication (MFA) and password managers are some of the best ways to add an extra layer of protection, especially for hybrid teams or those working remotely.
Software vulnerabilities (or outdated software), alongside poor password security and phishing attacks, accounted for 77% of all incidents in the past 12 months, demonstrating that outdated software is a magnet for malware and breaches. Automatically updating your software can prevent that.
Finding the right malware protection can be daunting, but it's a great way to ensure that your business is safe and secure. We researched the best antivirus software for business to help you narrow things down, with Norton and McAfee our top two.