Story image

DimData: Fear finally setting in amongst vulnerable orgs

16 May 2019

Dimension Data, a global technology integrator and managed services provider for hybrid IT, has revealed exclusive findings from its Executive Guide to NTT Security’s 2019 Global Threat Intelligence Report concerning the cybersecurity maturity of organisations across a number of markets and sectors.

Globally, the average cybersecurity maturity rating stands at a worrying 1.45 out of 5 – a score determined by an organisation’s holistic approach to cybersecurity from a process, metrics and strategic perspective. 

This comes during a time when security vulnerabilities have also surged to a record high (up 12.5% from 2017).

The finance (1.71) and technology (1.66) sectors boast the highest maturity ratings and are continuing to ramp up their security posture, most likely prompted by their unenviable positions as the most commonly targeted industries, each accounting for 17% of all attacks recorded in 2018.

Scouring trillions of logs and billions of attacks, the research also revealed the most common attack types, with web attacks the most prevalent threat, doubling in frequency since 2017 and accounting for 32% of all attacks detected last year. 

Reconnaissance (16%) was the next most common hostile activity, closely followed by service-specific attacks (13%) and brute-force attacks (12%).

“There’s clearly work to be done across all sectors in order to establish more robust security postures. However, it’s reassuring to see many C-suite leaders recognising the importance of making more strategic investments to improve their cybersecurity defences,” says Dimension Data Asia Pacific Cybersecurity solutions director Neville Burdan.

“There have been some exciting developments in the predictive threat intelligence space, with new levels of collaboration and buy-in across the cybersecurity value chain. What’s more, the most-targeted industries are also the most likely to seek assistance to evolve their strategies and build their security programmes. This bodes well for companies looking to reach their desired cyber-maturity state.”

Other highlights from the research include:

  • Globally, 35% of attacks originate from IP addresses within the US and China, followed by EMEA and APAC.
     
  • Cryptojacking represents a significant amount of hostile activity, at times accounting for more detections than all other malware combined, hitting the technology and education sectors hardest.
     
  • Credential theft is up as attackers target cloud credentials, with tech companies (36%), telcos (18%), and business and professional services (14%) significantly impacted by this.
Forescout strengthens investment in OT security
Forescout’s latest features will provide enterprises with improved productivity, lower risk profiles and faster mitigation of threats.
Hybrid cloud security big concern for business leaders
A new study highlights that IT and security professionals have significant concerns around security for hybrid cloud and multi-cloud environments.
GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.