Understanding the threats we face is crucial to protecting against them. Industry research and reports are invaluable to this understanding, providing insights to inform mitigation efforts. Few cybersecurity reports are as valuable or comprehensive as the annual ENISA Threat Landscape Report (ETL). Now in its 20th year and published by the European Union Agency for Cybersecurity (ENISA), the ETL covers data from June 2023 to July 2024, revealing the key trends shaping the cyber threat landscape in Europe and beyond. So, without further ado, let's dive in. Geopolitics Drives Cyber Threats...
Author: Josh Breaker-rolfe
Cybersecurity's role in geopolitics is growing more significant by the day. In a world of increasingly sophisticated cyber threats, governments worldwide are recognizing the impact digital attacks can have on national security, trade, and infrastructure. This has never been more evident than with the recent introduction of the Protecting Investments in Our Ports Act by U.S. Senators John Cornyn (R-TX) and Gary Peters (D-MI), along with U.S. Representatives Daniel Webster (FL-11) and Salud Carbajal (CA-24) on September 17th, 2024. The Act signifies another critical step toward bolstering the...
We’re over halfway through the year, and ChainAnalysis has released parts one and two of their 2024 Crypto Crime Mid-Year Update . The update provides valuable insight into the cryptocurrency and cybersecurity landscape, so let’s look at the key takeaways and what they mean. There’s Been an Overall Decline in Illicit Activity Contrary to what one might expect, aggregate illicit activity on the blockchain decreased 19.6% from H1 2023 to H1 2024, falling from $20.9B to $16.7B. Although ChainAnalysis notes that illicit activity totals will likely rise over time, these statistics demonstrate that...
Privacy and convenience have always been at odds, especially regarding digital onboarding or online sign-ups. For modern organizations, striking a balance between the two has become increasingly important. At the same time, a recent report said 53% of customers suggest that they would give up their interaction with a brand if it took longer than two minutes, while as many as 87% expect basic levels of privacy to be met. Customers are more privacy literate than ever. They understand the value of their data and expect the brands they deal with to address data privacy concerns adequately. While...
When discussing the consequences of a data breach for organizations, we usually consider three types of damage: financial, legal, and, somewhat more tenuously, reputational. But what about stock prices? One would assume that stock price—an indicator of a business’s overall health and investor confidence—would plummet after a breach, but is this really the case? Do Stock Prices Fall After Data Breaches? In short, yes, data breaches do negatively impact stock prices. But this statement oversimplifies the issue. For example, the impact of a data breach on stock price varies depending on the...
The CIS Critical Security Controls (CIS Controls) are a set of best practices designed to help organizations protect themselves from the most common cyber attacks. First developed in 2008, the controls define the minimum level of cybersecurity any organization that collects or maintains personal information should meet. CIS released version 8.1 of the CIS Critical Security Controls on June 25 th, 2024. While the changes between v8 and v8.1 are relatively minimal—especially compared to previous updates, such as those from v7.1 and v8—it’s worth briefly exploring the update. How do CIS Controls...
The Office for National Statistics (ONS) most recent Crime Survey for England and Wales (CSEW) has revealed that computer misuse cases rose 37% in the year ending March 2024, bucking a general trend of decline. The CSEW first started tracking computer misuse in the year ending (YE) March 2017, which saw roughly 1.8 million incidents. By March 2023, this number had fallen to 745,000. In March 2024, however, computer misuse incidents rose dramatically to 1 million. However, increases of this nature are not uncommon. Despite a general trend of decline in computer misuse cases, the CSEW has...
Cyber insurance has a strange past: AIG first took cyber insurance to market in 1997 despite a total lack of actuarial data to inform premiums or policies. Essentially, the industry ran on guesswork. Even today, the cyber insurance market is remarkably unpredictable compared to long-established insurance policies such as those for housing or health. Typically, when cybercrime – or, more specifically, ransomware – rates rise, so do insurance premiums. This issue has plagued the cyber insurance market for the past decade; as ransomware rates surged, premiums rose to a near unaffordable high...
In recent years, cloud technology has become integral to business operations. Compared to on-premises infrastructure, it allows for improved scalability and flexibility, cost savings, collaboration, security, and data loss prevention. The cloud computing market is set to reach $679 billion in value in 2024. But what are the trends currently defining the cloud computing market? According to Donnie MacColl, Senior Director of International Support and Global Data Protection Officer at Fortra, the cloud technology landscape 2024 is characterized by several key trends, many of which are evolutions...
Cybersecurity frameworks are blueprints for security programs. Typically developed by governmental organizations, industry groups, or international bodies, they take the guesswork out of developing defense strategies, providing organizations with standards, guidelines, and best practices to help them manage and reduce their cybersecurity risks. While cybersecurity frameworks such as the Center for Internet Security (CIS) Controls and the National Institute of Standards and Technology (NIST) are not mandatory, they complement required compliance policies and can help harden an organization’s...