福布斯 Forbes 杂志最近发布了一篇分析文章,对2022 年上半年的网络安全统计数据进行了整合分析,里面很多内容令人震惊。

这篇文章非常长,但值得好好阅读一下,从而可以更好的了解网络安全无论是从攻击方还是防守方的趋势,以及企业组织应当如何更好的准备和应对。

我把它的小标题给大家整合分类一下:

首先总体介绍网络安全攻击强度和频度的急剧增长

  • Businesses Suffered 50% More Cyberattack Attempts per Week in 2021
  • Cybercriminals can penetrate 93 percent of company networks

然后重点介绍了三种影响比较大的热点攻击技术

首先介绍了一下勒索病毒/勒索攻击的危害性,以及如何保护

  • Ransomware, the Scourge Continues and is still trending a preferred method of cyber-attack in 2022
  • Ransomware attacks, and ransom payments, are rampant among critical infrastructure organizations
  • Ransomware Trends, Statistics and Facts in 2022
  • How Costa Rica Found Itself at War Over Ransomware
  • And importantly, actions to take that help protect against ransomware attacks

其次讲讲软件供应链攻击的影响

  • Software supply chain attacks hit three out of five companies in 2021
  • 82 percent of CIOs believe their software supply chains are vulnerable

最后讲讲商业邮件攻击(BEC)的影响

  • $43 billion stolen through Business Email Compromise since 2016, reports FBI

接下来介绍网络犯罪组织和网络犯罪未来的发展趋势

  • Proofpoint’s Annual Human Factor Report Reveals How 2021 Became the Year Cyber Criminals Got Creative
  • The cyber threat is so pervasive that it is estimated to cost the world $10.5 trillion annually by 2025.
  • Report: Increase in socially engineered, sophisticated cybersecurity attacks plagues organizations

然后再回到企业组织本身,企业组织自身是否做好了相应的网络安全防范准备和应对措施?

  • Many security executives say they’re unprepared for the threats that lie ahead
  • Only 50% on U.S. businesses have a cybersecurity plan in place
  • What Should Business do to Mitigate Cyber-threats?!
  • A Cybersecurity Risk Management Strategy for the C-Suite
  • The Risk Management Imperative For Cybersecurity
  • Securing your data is key.

最后再谈到网络安全的未来发展趋势

  • Cybersecurity trends: Looking over the horizon | McKinsey
  • 7 hot cybersecurity trends (and 2 going cold) | CSO Online
  1. Hot – Ransomware
  2. Hot – Cryptomining/Cryptojacking
  3. Hot – Deepfakes
  4. Hot – Videoconferencing attacks
  5. Cold – VPNs
  6. Hot – IoT and OT attacks
  7. Hot – Supply chain attacks
  8. Hot – XDR
  9. Cold – Passwords

里面一些文字写的很好,给大家摘录几句:

网络安全一直是一场永无止境的竞赛,但变化的速度正在加快。公司正在继续投资于技术以开展业务。现在,他们正在将更多系统分层到其 IT 网络中,以支持远程工作、增强客户体验并创造价值,所有这些都会产生潜在的新漏洞。

与此同时,对手——不再局限于单个参与者——包括高度复杂的组织,这些组织利用人工智能和机器学习的集成工具和能力。威胁的范围越来越大,没有任何组织可以幸免。

上述链接突出了行业专家已经证实的许多严重漏洞。但 C-Suite 不必为了应对这些威胁和统计数据而保持闲置。我对所有企业,尤其是经常面临因网络攻击而倒闭风险的中小型企业的建议是,认真看待网络风险,并将相应的计划作为企业运营战略的一部分。

原文地址:

Alarming Cyber Statistics For Mid-Year 2022 That You Need To Know

https://www.forbes.com/sites/chuckbrooks/2022/06/03/alarming-cyber-statistics-for-mid-year-2022-that-you-need-to-know/?sh=1fe196047864