Ransomware Attacks Are Down, but Security Incidents Are Up

As reported by Business Wire, Scale Venture Partners has released its 10th annual Cybersecurity Perspectives Survey, which polls leaders and experts in the field to analyze what’s going on in the security world. The good news, and perhaps a headlining statistic, is successful ransomware attacks are down. In fact, these attacks have fallen by 30% over the past year, which is
July 17, 2023
 / 
meritsolutions
 / 
Image

As reported by Business Wire, Scale Venture Partners has released its 10th annual Cybersecurity Perspectives Survey, which polls leaders and experts in the field to analyze what’s going on in the security world.

The good news, and perhaps a headlining statistic, is successful ransomware attacks are down. In fact, these attacks have fallen by 30% over the past year, which is a welcome sight considering how sharply ransomware attacks rose in the year prior.

However, it isn’t all good news: While these successful attacks have decreased, cybersecurity “incidents” have increased. According to the study, “71% of organizations experienced three or more types of security incidents, a 51% increase year-over-year.” The study dives into these incidents, and analyzes areas where the security industry can make improvements going forward:

To kick things off, the most common incident experienced among members of the survey were cloud service attacks. 50% of these organizations reported at least one incident involving a cloud service in the past year, with attacks against third-parties increasing these numbers 37% over last year. Phishing attacks targeting employee logins also increased in this period.

While cloud service attacks have an obvious history amongst types of cyberattacks, the survey also highlighted new types of attacks. The fourth most common attack was software supply chain software attacks, which occurs when bad actors infect a vendors software before that software is deployed to customers, while 20% of responders reported an AI model attack or compromise incident.

With these old and new attacks now on the radar, organizations reported being unable to hire enough talent to fill cybersecurity positions to help fight against these attacks. That said, existing security teams have plans moving forward: Many are prioritizing network security, IAM (identity and access management), and cloud infrastructure security in particular, while most are committing to their security policies more stringently than in years past.

Share This

Leave a Reply



Sign Up for weekly MERIT Security Briefing

By signing up, you agree to our Privacy Policy.