SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Email Security
#
Phishing
Vulnerability exploitation top threat to SMBs - report
Fri, 4th Feb 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Vulnerability exploitation was the top threat against SMBs in 2021, according to a new report from CYREBRO.

CYREBRO, the developers of the first online, technology-agnostic Security Operations Center (SOC) Platform, unveiled research that analysed more than 310 thousand alerts from its customers, of which 80 percent are SMBs across a wide array of industries.

Since the beginning of 2021, 40 per cent of attacks that CYREBRO investigated were based on vulnerability exploits coming from sophisticated threat actors, the report found. Phishing accounted for five percent of all attacks while supply chain attacks represented only one percent. Enterprises were more at risk from supply chain attacks due to the higher number of tools, endpoints and individual users compared to SMBs.

"Given how phishing dominates discussions within cybersecurity, it was surprising to find that vulnerability exploitation was the top attack risk in our research," says CYREBRO CTO Ori Arbel.

"Last year ended with the exploitation of Log4j - one of the worst internet threats in the last decade - and it will likely besiege SMBs for years to come," he says.

"Many small companies that operate with minimal security personnel don't have a clear understanding of every program they use and the software components within each of those systems, making vulnerabilities a challenge to manage and effectively keep on top of."

According to the research, software and IT sector companies were at the largest risk of attack, accounting for one in four threats, while companies within the financial/banking sector accounted for about one in five. Despite healthcare being one of the most sensitive sectors for enterprises, CYREBRO found only six percent of attacks were within this sector as most of their customers are SMBs.

CYREBRO's report advises that it is critical for all SMBs to step up their cybersecurity efforts, and ensure that software vulnerabilities are fixed quickly with the latest updates implemented throughout the organisation.

Companies should also use known block lists to restrict dangerous sources in addition to using network intrusion protection systems, to detect malware attempts, and anti-virus/anti-malware solutions to detect known phishing campaigns and the associated malware.

CYREBRO collected data from over one million computer entities from the beginning of 2021, and analysed the number of events, alerts, and cases it intercepted and investigated.

CYREBRO offers a first-of-its-kind online managed interactive SOC that removes the extra step of logging into multiple programs, transforming how businesses respond to and mitigate cyber threats. The platform provides clarity, insight, and real-time cyber recommendations for businesses of all sizes by integrating all of their security events into one central command.

CYREBRO secures users through its 24/7/365 strategic monitoring, proactive threat intelligence, forensic investigation, incident response, and optimisation that is agnostic to any technology.

Related stories
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services
Half of online traffic in 2024 generated by bots, report finds
Cisco launches Hypershield for AI-driven security upgrade
Axis unveils hybrid cloud platform for adaptable security solutions
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Secolve & Asimily join forces to boost Australia's IoT security
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models