With the flurry of new threats, it’s more important than ever to take a proactive approach and be aware of emerging cybersecurity trends. The Skybox Security threat intelligence team tracks more than 120,000 vulnerabilities on more than 14,000 products. In this post, our in-house research analysts look back and the first half of 2021 and explore emerging vulnerability and threat trends.
As hackers become more advanced, assume an attack is imminent.
As we’ve seen in recent headlines, no one is immune from cyberattacks. All companies – large and small – are fair game from schools, hospitals, energy companies, and meat suppliers. The increased complexity and enhanced sophistication of attacks are here to stay. Additionally, organizations can’t manage the sheer volume of vulnerabilities and explosive rate of change due to the cybersecurity skills crisis. To change the paradigm, security teams need to evolve how they manage their attack surface. Emerging security solutions are taking a new approach to measuring risk and automating remediation. By aggregating vulnerability severity, asset importance, exploitability, and exposure in a single view, it is now possible to wipe out the “perfect storm” threats that pose the greatest risk to the business and its reputation.
Cybersecurity insurance is no longer good enough, and banks are taking notice too.
With increasingly sophisticated ransomware attacks and skyrocketing multi-million-dollar demands, we may see the $7+ billion cybersecurity insurance industry begin to buckle. As cybersecurity insurance’s cost vs. risk model continues to be tested, we are likely to see more stringent requirements and a spike in cyber insurance denial claims. But insurance isn’t the only industry turning the screws. A recent report found banks are now imposing higher interest rates and requiring more collateral from companies that have breached customer data (e.g., financial information, SSN). Moving forward, these industry giants will likely require enterprises to go beyond a “detect and response” approach and take a more preventive stance. As a result, we may see a greater need for increased real-time threat intelligence and vulnerability prioritization capabilities, such as risk scoring and prescriptive remediation analysis. In doing so, organizations can better prioritize critical vulnerabilities, close the gap and validate their overall security posture.
Critical infrastructure will continue to be a favorite target among bad actors.
Cybercriminals see critical infrastructure as low-hanging fruit, as seen with the Colonial Pipeline breach. And it’s very likely these will become even more attractive targets as we set our sights on recovery and economic activity increases post-pandemic. The rise of industrial IoT sensors coupled with outdated legacy IT systems makes critical infrastructure an easy target for cybercriminals. As a result, security and facility leaders in operational technology-dependent industries must evolve their thinking and take action to avoid ending up in the crosshairs of a hacker. Today, it is possible to walk the path of a potential breach with a multi-dimensional, hybrid network model. Through attack simulation and exposure analysis, cybersecurity teams can identify and proactively remediate attack vectors ahead of incidents.
About Skybox Research Lab
The force behind the intelligence used by Skybox Security’s solutions, the Skybox Research Lab is a team of security analysts who scour data daily from dozens of security feeds and sources. The Research Lab validates and enhances data through analysis based on their knowledge of attack trends, cyber events, and the TTP of today’s attackers. Their ongoing investigations focus on vulnerabilities exploited in the wild to deliver distributed crimeware – including ransomware – and on other outstanding client and server-side vulnerabilities. All vulnerabilities are analyzed when taking the prevalence and importance of the affected products. This analysis is incorporated into Skybox Vulnerability and Threat Management solution, which prioritizes the remediation of exposed and actively exploited vulnerabilities.