In 2023, cyber attackers are expected to target large companies regardless of industry in, a Titaniam study finds. Attackers are expected to broaden their targeting strategy beyond regulated verticals such as healthcare and financial services. Major businesses (41%) would represent the most often attacked segment in 2023, followed by financial institutions (36%), the government (14%), the healthcare sector (9%), and the educational sector (8%).
Corporate networks have developed new vulnerabilities as a result of the rapid speed of development, which has made them a more appealing target for hackers. Large businesses would be using more cloud services, gathering data, releasing code into production more quickly, and linking apps and systems via APIs to compete in the digital economy. As a result, attackers can take advantage of misconfigured services, insecure APIs, untested apps, exposed databases, and poorly tested software, according to Titaniam’s recent study.
Titaniam is a platform for data security and ransomware defense that makes use of high-performance encryption-in-use to protect important data even in the event of a corporate breach and data theft.
Attack Strategies Are Changing in 2023
The top four threats in 2022 were malware (30%), ransomware and extortion (27%), insider threats (26%), and phishing (17%). Titaniam’s study found that enterprises expected malware (40%) to be their biggest challenge in 2023, followed by insider threats (26%), ransomware and related extortion (21%), and phishing (16%). Malware, however, has more enterprises worried for 2023 than it did for 2022. According to Titaniam, it is important to note that these cyberthreats can be overlapping, where insiders can have a hand in ransomware attacks, phishing can be a source of malware, et cetera.
Cyber attackers would be changing their tactics in an effort to outwit and surprise cybersecurity personnel who have strengthened ransomware protections and enhanced phishing detection. They would use new malware to speed up assaults, steal sensitive information, and cause havoc, such as loaders, infostealers, and wipers. Additionally, they would be purchasing and stealing employee login information to access business networks through the main entrance.
2 in 3 Companies Report 2022 Breaches, Many See Lower Dwell Time
In 2022, cyber attackers broke into over two-thirds (65%) of businesses using security flaws and procedural weaknesses to gain access to networks. No corporate security team wants to find a breach, but owing to security platforms that employ automation and artificial intelligence to find abnormalities among noise and quicken security operations procedures, they are doing so more quickly.
When a breach occurred, 91% of cybersecurity operations teams found out about it in a week and 100% did so in a month.
Attackers, nevertheless, are also becoming more intelligent. Once within business networks, they act quickly to target and exfiltrate valuable data, including as information that is essential to the company (57%), intellectual property (57%), and personally identifiable information (PII) or sensitive PII (38%).
Both Structured and Unstructured Data Are at Risk for Theft
Structured data was more vulnerable to malicious exfiltration in 2022 than unstructured data. Attackers specifically targeted structured data used for analytics in online platforms like Databricks (63%), as well as databases like Oracle and Microsoft Azure SQL Server (68%).
Cyber attackers did, however, also look for unstructured data generated by users (50%), accessed by users (57%), or stored in technologies like Microsoft OneDrive, Microsoft SharePoint, and others.
Moving into 2023, structured data used for analytics is anticipated to be the target of more attacks (68%) than databases (62%). They would also prioritize user-generated unstructured data (58%) above that produced by apps (54%), as well as data from other sources (16%). Analytics and user data indicate business purpose, giving adversaries, including nation-states, hackers, and others, a window into tactics, plans, product launches, alliances, and other information of interest.
Data Security, Ransomware Protection
Large corporations may defend their strategies and intellectual property by protecting their data. Therefore, it is not unexpected that safeguarding data (31%) has risen to the top position in terms of security priorities for 2023, according to Titaniam, surpassing other goals such as avoiding harmful attacks (23%) and combating ransomware, data exfiltration, and extortion (27%). In order to achieve this aim, 92% of teams anticipate stepping up security in 2023, while 97% will look into novel approaches.
Over 30% of participants selected data security as their most significant forthcoming project, pushing it to the top of the list of priorities for 2023. Ransomware and extortion defense came in second place with over 25%.
About Titaniam
Titaniam completed a $6 million initial investment round earlier this year, which was headed by Refinery Ventures and included Fusion Fund and Shasta Ventures. Ray Rothrock, Richard Clarke, and Dale Fuller, Refinery Venture’s most recent Venture Partner, among others, participated in the funding as individual investors.
In addition to encryption, the company’s security platform would provide visibility into data that was accessed, observed, or exfiltrated. The technology also offers detailed field-level evidence attesting that the protected data maintained strong encryption during the assault, independent of access privilege. This prevents ransomware attackers from using data as leverage, sparing the company from extortion, fines, and notification fees.
