FEATURE
What trends are shaping the future of cybercrime threat intelligence and how can organisations protect themselves ?
There ’ s no question that organisations have experienced widespread cybersecurity challenges in the past year . While conventional and wellknown threats such as email phishing and ransomware remain successful , many threat actors are shifting to newer techniques lesser known to employees to increase their chances of a successful cyberattack . If an employee isn ’ t aware of certain threat tactics , or able to identify them , they are more likely to fall victim to them .
These include telephone-oriented attack delivery and adversary-in-the-middle ( AitM ) phishing proxies that bypass Multi-Factor Authentication . These techniques have been used in targeted attacks for years , but 2022 saw them deployed at scale .
Over the past year , hundreds of thousands of telephone-oriented attack delivery ( TOAD ) and Multi-Factor Authentication ( MFA ) bypass phishing messages were sent each day – ubiquitous enough to threaten nearly all organisations . At its peak , Proofpoint tracked more than 600,000 TOAD attacks – emails that incite recipients to initiate a direct conversation with attackers over telephone via bogus ‘ call centres ’ – per day , and the number has been steadily rising since the technique first appeared in late 2021 .
Insider threats are a growing concern for many regions . What are the pain points for organisations and how do the regions differ ?
Insider threats make data protection more difficult for organisations . Also , recent job market trends like The Great Resignation have presented security challenges for global organisations , with 65 % – on global average – reporting they have experienced data loss due to an insider ’ s action .
We are seeing the trend across all territories , but in different levels of severity . Across EMEA , an average of 71 % of organisations lost data to insiders . What ’ s notable is the disconnect between the high level of attacks and the low average level of security awareness training , at 29 %.
How is cybersecurity maturity across the world shaping how CISOs revise their current security strategies ?
With so much variation between regions and industries , there is no one-size-fits-
38 www . intelligentciso . com