With a full year of 2022 cyber services claims data now available and 2023 newly underway, this is a good moment to pause and reflect on the state of cybersecurity.
At first glance, things hardly seem particularly new as we enter 2023: threat actors are still using the same kinds of ransomware vectors to attack, and we’re still talking about the same need for education and controls. From the frequency of remote desktop protocol as a vector to the prevalence of data exfiltration in incidents, our latest data is very much aligned with the trends that captured our attention in 2022 Cyber Services Snapshots One and Two.
But look beneath the surface, and it quickly becomes evident that targeted companies are facing greater incident complexity than ever before. On the one hand, class actions in the US are giving cyber extortion incidents a longer tail. At the same time, as threat actors continue to grow more sophisticated, they are finding ways to use even administrative tools like MFA against targets.
From tactics to consequences, cybersecurity will see a subtle but important evolution in 2023, and organisations must be prepared. As bad actors continue to identify and exploit vulnerabilities, the tools you’ve come to count on are not sufficient by default anymore, nor are the same instructions you’ve been giving your team for years. In the event of a breach, your organisation’s vulnerabilities are greater than ever, and the costs could be higher. Read on to learn what you need to know about protecting yourself today against yesterday’s risks in tomorrow’s cyber world.
Russ Cohen
Head of Cyber Services
Philadelphia, PA