security operations. And 99 percent of IT professionals said they are concerned about cyberthreats impacting their organization. • Security control misconfiguration is the most widely perceived security risk, according to Sophos. Researchers also discovered a direct correlation between tool misconfigurations and the industry’s skills shortage, with companies lacking the time, knowledge and experience to configure controls correctly. • Data exfiltration is the threat IT professionals are most concerned about, followed by phishing and ransomware. A separate Delinea study revealed almost all aspects of ransomware worsened in 2023. Data exfiltration also rose as a prominent motivation in ransomware attacks last year, while traditional money grabs plummeted. • Distributed denial of service attacks (DDoS) are a top concern for 32 percent of respondents in the Sophos report, indicating a growing need for enhanced WAN security — particularly for global companies with distributed users and services. • Cloud migrations and SaaS deployments are exposing companies to a much wider range of threats. According to Tenable, two-thirds of cloud decision makers (68 percent) said cloud deployments — including public and hybrid instances — are their organization’s biggest exposure risk. • Artificial intelligence is now being used by threat actors for a variety of tasks such as phishing emails, password cracking and brute force attacks. The UK’s National Cyber Security Centre expects cyberattacks to increase in volume and severity during the next two years. Kaspersky also recently observed a rise in dark web discussions on the illicit use of ChatGPT and other large language models, which indicates that threat actors have a rising interest in exploiting AI technologies. Cyber Channel Trends for 2024 For the latest insights, ChannelVision caught up with C3 Complete’s vice president of information security Jonathan Cox, who recently joined the company following its acquisition of Compliance Solutions’ cybersecurity business unit. Cox sees an incredible opportunity surfacing in the industry for cybersecurity partners, with threat actors evolving and becoming more aggressive with tools such as ransomware and AI. To seize the opportunity, Cox recommends taking the time to understand how various products and services can fill gaps in client bases. CYBER PATROL 28 Thinking about 2023, which cyberthreats are you most concerned about affecting your organization? Type to Cyberthreat % Say Top Concern Data exfiltration (theft by an external attacker) 41% Phishing (including spear phishing) 40% Ransomware 35% Cyber extortion 33% Denial of service attacks (DDoS) 32% Business email compromise 31% Active adversaries (human hands-on-keyboard attackers) 30% Mobile malware 30% Cryptominers 22% Wipers 16% I am not concerned about any cyber threats affecting my organization in 2023 1% Source: Sophos; survey of IT professionals Source: Uptime Institute, 2022 What if anything do you consider the most vulnerable vectors for ransomware attacks? (Tick up to two) Source: Delinea, survey of security and IT professionals Cyberthreats are now too advanced for the organization to deal with on their own Source: Sophos, survey of IT professionals Cloud Applications Email Privileged access Endpoints I don’t consider anything to be a most vulnerable vector 44% 39% 37% 36% 35% 1% 42% 27% 52% 29% 16% 6% 2023 2022 Less than $10 million $10-$50 million $50-$250 million $250-$500 million $500 millon to $1 billion $1 billion to $5 billion $5 billion plus 41% 42% 48% 50% 55% 55% 60% In what area, if any, do you invest the most prevent ransonware? (Tick up to two) CHANNELVISION | MARCH - APRIL 2024
RkJQdWJsaXNoZXIy NTg4Njc=