Security Threats Are Universal

The threat landscape continually evolves, driven by the value of data and propagated by sophisticated, evasive, and sometimes AI-enabled cyberattacks. All industry sectors and all organization sizes must protect their data, people, company, and technology. Data is at the heart of cyberattacks: data theft, ransomware, and phishing are among the many types of security threats targeting unprotected businesses.

Consequences of a Cyberattack

Businesses that suffer a cyberattack carry the burden of financial costs, reputational damage, negative impacts on productivity, and fines from non-compliance with regulations.

  • $4.88 million: average cost of a data breach
  • $25,620 / $540,000: downtime costs per hour ($25,620 for SMBs, $540,000 for enterprises)
  • 51%: dark web and shadow Telegram channels (51% of discussions used to propagate zero-day vulnerabilities)
  • 1.9 billion: malware (US companies dealt with 1.9 billion malware incidents)

Industry Sectors and Cyberattacks

Accounting Firms

Accountants handle large volumes of financial information and sensitive data on behalf of clients. Accountancy firms are also subject to regulatory compliance, including GDPR, Sarbanes-Oxley, HIPAA, and others. Cybercriminals exploit financial and client data to extort firms, steal information, carry out fraudulent transactions, and cause reputational damage.

Common cyberattacks targeting accounting firms

  • Data theft
  • Phishing
  • Ransomware
  • Business Email Compromise (BEC) and other fraud

Accounting firm cyber pain points

  • Legacy or basic IT systems
  • No internal security team
  • Poor security awareness

Education Sector

Education is at the helm of student data management, with attackers focusing on data theft and disruption. Schools and tertiary education institutions have long been the target of cybercriminals intent on causing harm, engaging in financial extortion, and stealing sensitive data. Regulations, such as the Children's Internet Protection Act (CIPA), enforce stringent rules over the protection of data and internet safety.

Common cyberattacks targeting education

  • DDoS (Distributed Denial of Service)
  • Phishing
  • Ransomware
  • Data theft

Education cyber pain points

  • Lack of security staffing and resources
  • Broad attack surface with multiple users connecting
  • Sensitive data
  • Digitization of education

Energy and Utilities

As critical infrastructure (CI), energy and utilities companies are at the forefront of cyberattacks. Attackers exploit vulnerabilities and target employees in an effort to cause disruption, extort money, and steal intellectual property (IP). Politically motivated attacks as well as cyberespionage are threats, but ransomware is the scourge of the sector. At the heart of sector attacks is the convergence of OT/IT that provides an exploitable surface where cybercriminals can gain unauthorized access and control.

Common cyberattacks targeting energy and utilities

  • Ransomware
  • DDoS (Distributed Denial of Service)
  • Cyber espionage
  • Supply chain attacks and unauthorized access
  • Privilege escalation and “Living off the Land” (LOTL) attacks

Energy and utilities cyber pain points

  • Smart infrastructure vulnerabilities
  • Unpatched vulnerabilities in Industrial Control Systems (ICS)
  • Valuable data and IP
  • Geopolitical tensions that target CI

Finance (Financial Advisors)

The financial sector is one of the most targeted by attackers. The sector holds significant financial and sensitive data and must comply with stringent regulations, including those of FINRA, GDPR, and the SEC. Attackers target financial advisors using methods including phishing and Business Email Compromise (BEC). Social engineering is used to manipulate individuals into handing over financial details or processing fraudulent invoices. AI-enabled phishing and deepfake attacks are increasingly seen in the sector.

Common cyberattacks targeting finance (financial advisors)

  • Phishing
  • Business Email Compromise (BEC)
  • Account takeover (ATO)
  • Deepfake attacks

Finance (financial advisors) cyber pain points

  • Lack of security awareness amongst staff
  • Lack of a dedicated security team
  • Highly sensitive client data
  • Handling of financial transactions

Government Agencies

Government agencies are the custodians of a broad range of citizen and business data. As such, they are a prime target for cybercriminals. Government agencies are also a critical infrastructure, being at the helm of a country, making them a target when geopolitical tensions arise. Government agencies must adhere to a range of regulatory standards.

Common cyberattacks targeting government agencies

  • DDoS (Distributed Denial of Service)
  • Supply chain attacks
  • Ransomware
  • Data theft
  • Account takeover (AI-enabled and CitizenID targeted)

Government agencies cyber pain points

  • Geo-political tensions and state-sponsored cyberattacks
  • Control over a vast store of citizen and business data
  • Exploitation of trust at scale using trusted government websites

Insurance

Insurers, with responsibility for handling sensitive personal and financial data, are a prime target for ransomware attackers and others intent on stealing this information. Insurers who suffer a cyberattack can experience a loss of client trust, financial extortion, and Errors & Omissions (E&O) claims against the company. Ultimately, revenue is impacted negatively.

Common cyberattacks targeting insurance firms

  • Ransomware
  • Data theft
  • Phishing and social engineering
  • Insider threats

Insurance firms cyber pain points

  • Lack of security awareness amongst staff
  • No dedicated security team
  • Burden of compliance paperwork for an SMB insurer

Legal / Law

Law firms are custodians of highly sensitive and confidential information, as well as their clients' financial details. Cybercriminals target the legal sector to access and abuse these data sources. Data breaches and ransomware attacks are ever-present problems in the legal sector. The results of cyberattacks include loss of client trust and brand reputation, as well as financial extortion and regulatory non-compliance fines.

Common cyberattacks targeting legal/law firms

  • Phishing
  • Supply chain attacks
  • Ransomware

Legal/law firms cyber pain points

  • Lack of investment in security measures
  • Lack of security awareness training for staff
  • Remote workers and a lack of security infrastructure
  • Poorly implemented third-party vulnerability management

Manufacturing

Manufacturing has been at the forefront of digitization, with automation and the convergence of OT and IT bringing improved productivity. However, this digitization has opened doors for cybercriminals. As a critical infrastructure, manufacturing is a prime target for disruptive attacks, including ransomware. Geo-political tensions also place manufacturing at the center of hacktivism and IP theft.

Common cyberattacks targeting manufacturing

  • Ransomware
  • DDoS and IoT attacks
  • Data theft and IP theft
  • Supply chain attacks

Manufacturing cyber pain points

  • Convergence of OT/IT opening up access opportunities to cybercriminals
  • Critical infrastructure and hacktivism
  • Vulnerabilities in infrastructure
  • Sensitivity to downtime (ransomware leverage)

Healthcare

The healthcare sector holds vast amounts of highly sensitive patient information. In recent years, ransomware attackers have targeted the healthcare industry, leveraging patient data and the critical nature of healthcare to extract ransoms. The healthcare sector is also subject to strict data protection regulations, including HIPAA and GDPR.

Common cyberattacks targeting healthcare

  • Ransomware
  • Password attacks
  • Data breaches
  • Phishing
  • Supply chain attacks
  • Cyberattacks targeting connected health devices

Healthcare cyber pain points

  • Lack of security awareness training
  • Outdated security measures
  • Vulnerabilities across a mixed IT infrastructure and broad supply chain
  • Lack of preparedness to deal with cyber-disaster scenarios

Retail and eCommerce

Online retail has created a worldwide marketplace. However, this revolution in consumer choice and purchasing options has also provided opportunities for cybercrime. Data breaches, fraudulent transactions, DDoS attacks, bot attacks, and other threats cause website downtime, lost revenue, damage to reputation, and non-compliance fines.

Common cyberattacks targeting retail and e-Commerce

  • DDoS
  • Retail bots
  • Credential stuffing attacks
  • Ransomware
  • Fraud

Retail and e-Commerce cyber pain points

  • Employee shortages and turnover
  • Limited internal IT resources
  • Temporary and seasonal workers

Technology & Software

The tech sector is no stranger to cyberattacks. As a holder of valuable intellectual property and vast volumes of customer and client data, the tech sector is vulnerable to data theft, industrial espionage, ransomware, zero-day threats, and GitHub attacks. The technology industry and software vendors supply the world with digital technology, making them a target for supply chain attacks.

Common cyberattacks targeting technology & software

  • Supply chain attacks
  • Data breaches
  • IP theft
  • GitHub attacks
  • Zero-day threats, which exploit flaws in software and systems and are used to propagate malware and other forms of attack

Technology & software cyber pain points

  • Speed to market pressures
  • Ideal targets to infiltrate the supply chain
  • Valuable IP, including source code
  • Reliance on cloud systems to store IP (GitHub)

Transportation & Logistics

Transportation and logistics firms provide services that, together, create a fundamental and critical infrastructure. The criticality of these services makes the sector a prime target for disruptive activities and financial extortion. Transportation and logistics are also subject to stringent regulations such as the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA).

Common cyberattacks targeting transportation & logistics

  • Phishing
  • Ransomware
  • Supply chain attacks
  • Data breaches
  • DDoS attacks

Transportation & logistics cyber pain points

  • Critical infrastructure makes companies vulnerable to disruptive attacks
  • Part of a broad supply chain
  • Lack of security awareness training

Security Measures to Mitigate Cyberattacks

All industry sectors are at risk from cyberattacks. Each sector may have its own unique pain points, but common mitigating security measures and approaches can help reduce the risk of a cyberattack escalating into a cyber incident.

Use a layered approach to security: deploy multiple security measures to catch cyberattacks across a broad attack surface.

  • Encryption: Apply encryption across the data lifecycle. Transport Layer Security (TLS) is used to protect data in transit. Data must be encrypted during storage.
  • Access management and control: Unauthorized access can circumvent encryption; therefore, robust access controls and privileged access management must be enforced.
  • Robust authentication: Access control and privilege authorization are enforced using robust authentication. Options should include multi-factor authentication (MFA) and passwordless (biometric-based) authentication. Step-up authentication uses rules that respond to security signals, increasing the layers of credentials required for access.
  • Dark web monitoring: Cybercriminals buy and sell data and company intelligence on the dark web. This is used to target companies and industry sectors. Dark web monitoring tools identify data stolen during ransomware and data theft attacks. An organization can secure its data by locating stolen data to prevent other cybercriminals from carrying out follow-on attacks.
  • Anti-phishing tools: Phishing is often the root cause of many data breaches and ransomware infections. Tools such as DNS filtering and AI-enabled phishing prevention are used to help prevent successful phishing attacks.
  • Security awareness training: Cybercriminals manipulate staff using social engineering and behavioural manipulation. Security awareness training helps to educate employees on the tricks of cybercriminals, empowering staff to prevent human-centric cyberattacks.
  • Cyber awareness training: Misconfiguration and human error can open vulnerabilities in critical IT systems. Cyber awareness training ensures that your IT teams, developers, and other IT support staff are educated on best practice security measures and protocols.
  • Anti-ransomware measures: Mitigating the impact of a ransomware attack requires a layered approach. Tools and measures should include robust authentication and access control, secure back-up, timely and regular security patching of software and firmware, anti-phishing tools, and security awareness training.
  • Anti-DDoS: DDoS attacks can be mitigated by using solutions that control the volume of network traffic. This prevents web servers from becoming overwhelmed by requests.
  • Continuous monitoring of critical IT infrastructure: The application layer, infrastructure, and network should be monitored to identify patterns of unusual behavior that could be caused by malware infections, unauthorized access attempts, and data exfiltration.
  • Security policies: Having a robust set of incident response and disaster recovery policies helps to mitigate the impact of a cyberattack, minimizing the effect on a business.
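
The step-up authentication measure listed above, worked as an added example (not code from the original page): a small rule set maps security signals to a required assurance level and asks for more credentials when the session falls short. The signal names, thresholds, and level names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Assurance levels, lowest to highest (names are assumptions for this example).
PASSWORD, MFA, MFA_PLUS_BIOMETRIC = 1, 2, 3


@dataclass(frozen=True)
class Signals:
    """Security signals observed for one access request (constructed fields)."""
    known_device: bool
    country_changed: bool      # location differs from the user's last login
    failed_attempts: int       # recent failed logins for this account
    privileged_resource: bool  # e.g. admin console or payment approval


# Each rule: (name, predicate over the signals, minimum level it demands).
RULES = [
    ("new device", lambda s: not s.known_device, MFA),
    ("country change", lambda s: s.country_changed, MFA),
    ("repeated failures", lambda s: s.failed_attempts >= 3, MFA),
    ("privileged resource", lambda s: s.privileged_resource, MFA),
    ("privileged from new device or country",
     lambda s: s.privileged_resource
     and (not s.known_device or s.country_changed),
     MFA_PLUS_BIOMETRIC),
]


def required_level(signals):
    """Return (level, reasons): the highest level any matching rule demands."""
    level, reasons = PASSWORD, []
    for name, predicate, demanded in RULES:
        if predicate(signals):
            reasons.append(name)
            level = max(level, demanded)
    return level, reasons


def decide(signals, presented_level):
    """Allow the request, or ask for step-up if the session's level is too low."""
    needed, reasons = required_level(signals)
    action = "allow" if presented_level >= needed else "step_up"
    return {"action": action, "needed": needed, "reasons": reasons}
```

Logging the `reasons` list with every step-up decision gives the monitoring layer a record of which signals triggered the extra challenge.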