Security threats come in many shapes and forms – and corporate security teams have their hands full with data breaches, ransomware infections, and supply chain attacks. Data from Dark Reading’s latest Strategic Security Survey shows that the majority of IT security leaders are concerned about the wide range of threats to corporate data, despite the confidence that they can identify and respond to incidents. As the figure shows, 58% of security officers say cybercriminals are the top threat to corporate data, followed by 40% with concerns about authorized users and internal employees. Significantly, a small but significant number of respondents cited cloud and network service providers, and suppliers and contractors, two groups that did not really appear in the 2020 survey, as significant threats.

In the survey, 23% of respondents said they were concerned about the risks posed by suppliers and contractors to corporate data, followed by 18% who cited cloud and network service providers. Application vulnerabilities and foreign governments were also in the top 6 at 36% and 25%, respectively.

The list of threat intelligence closely matches the types of security incidents that defenders are most concerned about. Cyber ​​criminals are constantly refining their techniques to enable the theft of corporate data and personal information, whether through ransomware or otherwise compromising applications and systems. Phishing attacks and compromising business emails trick authorized users into disclosing information or doing tasks they shouldn’t. There have been a number of attacks targeting application vulnerabilities, such as the PrintNightmare vulnerability in Microsoft’s Windows print spooler service, which allowed attackers to view, modify, or delete data. Attacks by foreign governments no longer sound that far-fetched, especially after reports of China-sponsored attackers targeting Microsoft Exchange leaked emails, calendar entries and contact information. The Kaseya attack has once again shown how compromising suppliers and contractors can affect downstream customers. The researchers also discovered a vulnerability in Azure Cosmos DB that, if exploited, could have hit thousands of Azure customers. Finally, malicious insider attacks remain an important issue.

Stay up to date with the latest cybersecurity threats, newly discovered vulnerabilities, information about data breaches, and emerging trends. Delivered directly to your e-mail inbox daily or weekly.

Source link
#survey #suppliers #cloud #providers #threats #corporate #data

Leave a Reply