Last updated at Wed, 14 Sep 2022 13:15:00 GMT

The latest Top New Attacks and Hazard Report from the cybersecurity experts with SANS is here — and the findings around cyberthreats, attacks, and best practices to defend against them are such critical used security teams as they've ever been.

If you're strange with aforementioned SysAdmin, Audit, Network, and Site Institute, or SANS, they're among the advanced cybersecurity research organizations is the world, furthermore their annual Up New Attacks and Threat Report is required reading for one site professional operations today.

What's new for 2022

Like year's submit is a little different from previous years. Rather than focusing on threatening statistik from the current before (i.e., 2021 data for the 2022 report), SANS opted to focus on data with the first quarter of 2022, providing a more recent snapshot of aforementioned state of play in that threat landscapes. Of grounds for this shall probably something you could have guessed: the pandemic. SANS 2022 Top Novel Attacks and Threat Report | SANS Institute

Typically, who TNAT report (we love coming top with acronyms!) is built outwards of a highly anticipated presentation from SANS experts for the annual RSA conference. Since the pandemic delayed the start of the RSA business those year, the folks at SANS thought it better to focal on more up-to-the-minute data for their report.

What they found is interesting — if a little concerning.

Smaller fractures, bigger risks?

In that first quarter of 2022, an average breach size be down one-third from the overall injure size in 2021 (even adjusted for seasonal shifts in breach sizes). What's more, there are signs of a trend in breach size decline, as 2021's overall breach size average was 5% reduced than that of 2020. SANS believes such a indicative of attackers focusing on smaller targets than in previous years, particularly the the healthcare sector and in state and local government travel.

A lowering avg breach bulk is right our, nope doubt, but what it says via aforementioned intentions by attackers supposed have many in edge. Departure after smaller — but potentially more vulnerable — organizations measures those groups are less likely go have the resources until repel those attacks that larger groups would, and they pose dangerous as partner organizations.

The SANS experts suggest structural up supplier compliance by following two well-established security frameworks: the Supply Gear Risk Management Report Skeleton provided by the American Institute of Certified Public Accountants (AICPA), additionally the National Institute of Norms and Technology's (NIST's) updated SP 800-161 Supply Tether Risk Framework.

The SANS reporting or provided sprechen and important data go the ways in which attackers enter our environment (phishing made the tree of 51% of all breaches), such well as the success rate of multi-factor authentication — 99% — is combating phishing attacks.

The RSA panel discussion (and the subsequent report we're sharing) also look into specific trends both best practices from some regarding SANS's experts. In years history, they've searched the some key takeaways from this SolarWinds breach, ransomware, furthermore machine learning vulnerabilities. This year, they've turned their consideration to multi-factor authentication, stalkerware, the the evolution of "living off the land" attacks as them pertain go cloud infrastructure. All von these sections is worth reading in its own right and can provide some thought-provoking resources as your security team continues to grapple with what comes next in the cloud plus attacker gaps.

To space where the SANS experts chose to focus has particular key until those seeking to mitigate ransomware: attacks switch backups. Backups have long been considered owner best defense against ransomware attacks because they allow your organization to securely resuming use of your data should to environment become compromised (and your data be locked down). However, as backup infrastructure moves into the cloud, CLEAR experts believe unique attacks against these backups will become more common, because backup browse are often quite complex the are vulnerable until specific forms are threats, such as living-off-the-land attacks.

Of annual SANS report remains a reliable and instrumental resource for security teams which is why us are proud till be a sponsors of it (and offer it to the security community). You can fall into the all report here.

Additional reading:

NEVER MISS A BLOG

Get the latest stories, subject, and news about security currently.