Global Threat Report 2024: Current situation
CrowdStrike® publishes the Global Threat Report annually to present the most relevant dangers, developments and threats from the cyber world. We have summarized the most important findings of the full report for you here.
Safety culture more important than ever
The trend in threats is moving away from malware and towards people. Interactive attacks increased by 60% in 2023, with 75% of attacks now taking place without malware. Criminals are now more likely to use methods such as phishing, social engineering or password spraying. This underlines the fact that cybersecurity starts with individual employees. Accordingly, it is highly relevant for companies and organizations to train employees in the area of information security, for example by training them as Information Security Managers according to ISO 27001. Through targeted training, you can prevent potential cybercrime attacks, strengthen the security of your organization and send a strong signal of trust to potential and existing customers!
Cloud in danger
While cloud use is becoming increasingly attractive for organizations, the associated risks are also increasing massively. In the last year, the frequency of cloud attacks has risen by 75%, a warning call for all companies that operate in the cloud themselves. In this area too, it is now essential to ensure additional security, for example by implementing ISO 27017. ISO 27017 is an extension of ISO 27001 and contains specific security measures for cloud service providers and cloud service customers. If your organization operates in the cloud or plans to do so in the future, ISO 27017 certification is the right step towards security and customer trust!
Rapid response required
Another worrying development is the further reduction in the average eCrime breakout time (the time it takes an attacker to get from one infected device to the next within an organization). While this was still 84 minutes in 2022, attackers only needed an average of 62 minutes in 2023. This shows that an appropriate initial response to an attack within a short period of time is of the utmost relevance.
The implementation of management systems offers a clear advantage here: trained employees, for example in accordance with ISO 27001, can detect cyberattacks more quickly and have more competence in the initial response. Above all, implementing a business continuity management system can protect organizations from greater damage, as it defines clear steps and responsibilities in the event of a cyberattack and deals with possible operational failures.
Strengthen your security
Do you want to protect your organization, business partners and customers from increasingly frequent cyber attacks? Acquire know-how in areas such as information security, cloud computing or business continuity management - CIS - Certification & Information Security Services GmbH is at your disposal as an accredited certification body!