Threat landscape alive and well

More than a third of security technologies used by organisations globally are considered outdated - and this at a time when attacks are being unleashed like never before

A series of recently released reports have pinpointed the constant bombardment of attacks that organisations and individuals are under. It does not make for easy reading, as these assaults are ramped up to a level where the big question that comes to mind is: can best practice and technology combine to avoid a meltdown?

Cisco's latest cybersecurity report, 'Security Outcomes Study Volume 2' [i], surveyed more than 5,100 security and privacy professionals across 27 countries, including the UK, to determine the most impactful measures that teams can take to defend their organisations against the evolving threat landscape.

Investing in a proactive technology refresh strategy is more critical than ever, states the report, as on average 39% of security technologies used by organisations globally are considered outdated. In the UK, respondents reveal themselves to be above the global average, reporting that 56% of their IT infrastructure is out of date.

Organisations with cloud-based architectures are said to be more than twice as likely to refresh than those with more outdated on-premises technologies. In the UK, 74% of security and privacy professionals stated that they are planning to expand their cloud-based security technology.

52% of respondents from the UK report they have a strong proactive tech refresh strategy to stay up to date with the best available IT and security technologies, while organisations with integrated technologies are seven times more likely to achieve high levels of process automation. Additionally, these organisations boast more than 40% stronger threat detection capabilities.

In the UK only 25.6% excel at retaining security talent. "More than 75% of security operations programs globally that do not have strong staffing resources are still able to achieve robust capabilities through high levels of automation," says the report. "Automation more than doubles the performance of less experienced staff, supporting organisations through skills and labour shortages."

DETECTING AND RESPONDING
The value of cloud-based security architectures cannot be overstated, it continues. "Organisations that claim to have mature implementations of Zero Trust or Secure Access Service Edge (SASE) architectures are 35% more likely to report strong security operations than those with nascent implementations. Organisations that leverage threat intelligence achieve faster mean time to repair (MTTR), with rates 50% lower than those of non-intel users."

In the UK, according to the findings: 30.7% of security and privacy professionals stated they are able to manage top risks, while 33.5% of security and privacy professionals say they can avoid major incidents.

BUSINESS RESILIENCY
As the threat landscape continues to evolve, testing business continuity and disaster recovery capabilities regularly and in multiple ways is more critical than ever, with proactive organisations estimated to be 2.5 times more likely to maintain business resiliency.


"We recognise that today's compliance requirements, skills shortages, a hybrid workforce and a threat-filled landscape are all making security complex," says Lothar Renner, managing director security, Cisco EMEAR.

"The global data behind Cisco's Security Outcome Study means that identifying the most effective security practices is no longer guesswork. Cisco continues to work with companies to uphold the best practices identified and, as such, will continue to support security professionals in the adoption of cloud-based security solutions and threat intelligence, based on our open and integrated platform SecureX, in order that they be best positioned to empower their enterprises securely," he adds.

What is the role of the CISO in delivering the most positive outcomes? "CISOs have to be both influencers and educators," says Helen Patton, Advisory CISO, Cisco. "If we're going to be as effective as possible, we need to be on the leading edge of the strategy decisions being made in our organisations. But while we're trying to convince people that security is important - that we need the right investments to do it well and that we should be involved in every aspect of the business - we must also educate. Most executives do not have a background in security, so we need to inform them every step of the way about the types of risks we're introducing with each decision we make."

ATTACK, ATTACK, ATTACK
IT and technology companies in the UK have experienced an average of 44 cyberattacks in the last 12 months - roughly one every eight days - according to new research by Keeper Security. The company's 2021 Cybersecurity Census Report [ii] has revealed that the large majority of IT decision makers (79%) within IT and tech companies in the UK expect the number of attacks to increase next year amidst concerns that they are missing the right skills and solutions to adequately protect themselves against these attacks.

Overall, almost all (95%) IT and tech companies are aware of where the gaps in their current cybersecurity defences are, but, worryingly, only 40% are addressing them, leaving organisations vulnerable to future attacks. The acute cybersecurity skills shortage in the UK is one of the contributing factors to this, with 59% of IT decision makers stating that it is impacting the cybersecurity efforts in their organisations.


"Leaders in the IT and tech space believe the skills gap doesn't just apply to their direct teams, but runs deep within organisations," reports Keeper Security. "Over half (60%) state that employees don't understand the cybersecurity implications of poor password hygiene. Many IT decision makers (69%) therefore urge their companies to do more to educate employees on cybersecurity best practices, while three in four (73%) are in favour of mandating basic cybersecurity training before new starters join a business."

Adds Darren Guccione, CEO & co-founder of Keeper Security: "The UK's IT and tech industry is a stalwart for innovation but, when it comes to cybersecurity, the sector still has some catching up to do. Our research has found that cybercriminals are really turning up the heat, and will continue to target IT and tech companies in the years to come. To counter this, it is essential that organisations address both the current skills gap and implement stringent IT policies that include a zero-trust and zero-knowledge approach to cybersecurity. With the best cyber defence solutions in place, IT and tech companies will be able to weather the cybersecurity storm they continue to face."

SURGE IN RANSOMWARE ATTACKS
Meanwhile, McAfee Enterprise has released its latest Advanced Threat Research Report [iii], which sets out to highlight the most impactful cybercriminal activity from the second quarter of 2021, with a focus on ransomware and cloud security threats.

Despite the most influential underground forums XSS and Exploit announcing a ban on ransomware advertisements and the DarkSide ransomware group abruptly halting its operations, McAfee Enterprise's global threat network identified a surge in ransomware attacks by popular malware families, in addition to expanded targeted sectors. In fact, McAfee Enterprise's threats team identified that 73% of ransomware detections in Q2 2021 were related to the REvil/Sodinokibi family and that DarkSide ransomware attacks extended beyond the oil, gas and chemical sector to legal services, wholesale and manufacturing.

Other key findings in the research include:

  • The most targeted sector by ransomware in Q2 of 2021 was the government, followed by telecom, energy and media & communications
  • A 64% increase in publicly reported cyber incidents targeted the public sector during the second quarter of 2021, followed by the entertainment sector with a 60% increase. Notably, information/communication had a 50% decrease in Q2 2021, with manufacturing down 26%
  • Financial services were targeted in 50% of the top 10 cloud incidents

‘NO ONE SAFE FROM CYBER ATTACKS’
Comments Adam Philpott, EMEA president at McAfee Enterprise: "The fact that the government saw a 64% increase in publicly reported cyber incidents specifically targeting the public sector should be a warning that no one is safe from a cyber-attack. As cyber criminals adapt their methods to target the most sensitive data and services, the public sector must shore up its defences to mitigate further threats.

"By deploying a security strategy that blends both Zero Trust and SASE approaches, the public sector can be more confident, knowing that they have the necessary barriers in place to protect against sophisticated attacks. This has become particularly important as workers split their time between home and the office, with organisations needing to protect entry and data at every control point."

The good news is that data shows that attacks across several other sectors, including the information and manufacturing sectors, were down, he adds. "Organisations shouldn't get complacent, however, and should use this as an opportunity to figure out what has worked well and how they could tighten up their defences against future attacks. This could include the use of threat intelligence, which helps organisations to predict and prioritise potential threats before pre-emptively adapting their defensive countermeasures, ensuring optimised security and future business resilience."

DECREASE IN UNIQUE ATTACKS
Finally, Positive Technologies experts have analysed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks [iv]. If that can be seen as the good news, it also reports an increase in the share of attacks against individuals and a rise in attacks involving remote access malware.


The number of attacks in Q3 decreased by 4.8%, compared to the previous quarter - the first time since the end of 2018 that Positive Technologies has recorded a negative trend. The researchers believe one key reason for the change is the decrease in ransomware attacks and the fact that some major players have quit the stage. This is also why the share of attacks aimed at compromising corporate computers, servers and network equipment has fallen - from 87% to 75%.

"This year, we saw the peak of ransomware attacks in April when 120 attacks were recorded," says Ekaterina Kilyusheva, head of research and analytics, Positive Technologies. "There were 45 attacks in September, down 63% from the peak in April. The reason is that several large ransomware gangs stopped their operation and law enforcement agencies started paying more attention to the problem of ransomware attacks [due to recent high-profile attacks]."

RANSOMWARE GANGS
Positive Technologies also noted a trend toward the 'rebranding' of existing ransomware gangs: some operators are rethinking their preference for the Ransomware as a Service (RaaS) scheme, which carries certain risks from unreliable partners.

"In Q2, we predicted that one of the possible scenarios of ransomware transformation would be that groups abandon the RaaS model in its current form," she adds. "It is much safer for ransomware operators to hire people who will deliver malware and search for vulnerabilities as permanent 'employees.' It will be safer for both parties, as more organised and efficient all-in-one forms of cooperation can be created. In Q3, we saw the first steps in this direction. An additional boost for this transformation is the development of the market of initial access."

Positive Technologies research also shows that, although the share of malware attacks decreased by 22%, the attackers' appetite for data led to an increase in the use of remote access trojans. In attacks on organisations, this share grew from 17% to 36%, while in attacks against individuals remote control trojans made up more than half of all malware. In Q3, the share of attacks involving remote access trojans increased 2.5 times over Q1.

[i] https://bit.ly/3IFVr7J
[ii] https://www.keepersecurity.com/uk-cybersecurity-census-report-2021.html
[iii] https://www.mcafee.com/enterprise/en-us/lp/threats-reports/oct-2021.html
[iv] https://www.ptsecurity.com/ww-en/analytics/cybersecurity-threatscape-2021-q3