New research from global cybersecurity firm Trend Micro has revealed that 58 per cent of Canadian organizations feel they currently have a moderate risk exposure. However, over half (53 per cent) feel their organization is exposed to cyber risk threats such as phishing (59 per cent), ransomware attacks (55 per cent), supply chain (55 per cent) and IoT attacks (52 per cent). Respondents also indicated that overly complex tech stacks and lack of awareness from leadership are exacerbating issues.
On average, Canadian organizations estimated having 57 per cent visibility of their overall attack surface, and more than a quarter of respondents still approach their attack surface by mapping their systems manually (27 per cent). This may explain why only around 37 per cent are able to fully and accurately detail any one of the following based on risk assessments:
- Risk levels for individual assets
- Attack attempt frequency
- Attack attempt trends
- Impact of a breach on any particular area
- Industry benchmarks
- Preventative action plans for specific vulnerabilities
About 43 per cent of the IT and business decision makers Trend Micro interviewed say that keeping up-to-date with the ever-evolving attack surface is the main area they struggle with. In addition, nearly half (44 per cent) consider phishing or email attacks as the primary way of a cyber-attack starting against their organization.
The inability of organizations to accurately assess attack surface risk also keeps business leaders in the dark. According to Trend Micro’s insights, 11 per cent of Canadian organizations do not have a well-defined way to assess the risk exposure of its digital attack surface, and 69 per cent of respondents think the C-Suite should play a more active role in promoting good cybersecurity practices.
A quarter (24 per cent) of those surveyed believe that increasing cybersecurity training or education would have the greatest impact in enabling leadership to better understand cyber risk.
There’s a clear opportunity here for organizations to leverage third-party expertise.
Only one-third (36 per cent) of Canadian respondents are already invested in a platform-based approach to attack surface management, while nearly half (47 per cent) of respondents say they’d like to do the same. Of those who’ve already made the move, improved visibility (42 per cent), reduced costs (40 per cent) and faster breach detection (35 per cent) are the most cited advantages.
Among those not planning to switch to a platform model, 37 per cent Canadian organizations consider time to move as the biggest disadvantage to using a platform model.
Trend Micro commissioned Sapio Research to interview 6297 IT and business decision makers across 29 countries to compile the study.
For more information on Trend Micro’s global risk research, click here: https://www.trendmicro.com/explore/trend_global_risk_research_2
Beware The Darkverse And The Cyber-Physical Threats It Will Enable: Trend Micro
Posted in Commentary with tags Trend Micro on August 9, 2022 by itnerdTrend Micro Incorporated, today released a new report warning of a “darkverse” of criminality hidden from law enforcement, which could quickly evolve to fuel a new industry of metaverse-related cybercrime.
The top five metaverse threats outlined in the report are:
As imagined by Trend Micro, the darkverse will resemble a metaverse version of the dark web, enabling threat actors to coordinate and carry out illegal activities with impunity.
Underground marketplaces operating in the darkverse would be impossible for police to infiltrate without the correct authentication tokens. Because users can only access a darkverse world if they’re inside a designated physical location, there’s an additional level of protection for closed criminal communities.
This could provide a haven for multiple threats to flourish—from financial fraud and e-commerce scams to NFT theft, ransomware and more. The cyber-physical nature of the metaverse will also open new doors to threat actors.
Cybercriminals might look to compromise the “digital twin” spaces run by critical infrastructure operators, for sabotage or extortion of industrial systems. Or they could deploy malware to metaverse users’ full body actuator suits to cause physical harm. Assault of avatars has already been reported on several occasions.
Although a fully-fledged metaverse is still some years away, metaverse-like spaces will be commonplace much sooner. Trend Micro’s report seeks to start an urgent dialog about what cyber threats to expect and how they could be mitigated.
Questions to start asking include:
To read a full copy of the report, Metaverse or MetaWorse? Cyber Security Threats Against the Internet of Experiences, please visit: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/metaworse-the-trouble-with-the-metaverse.
Leave a comment »