When BrightCloud dropped this year’s edition of its threat report, we got to see just how crafty the cybercrime world has become. For example:
- Cobalt strike, a tool originally designed for white hats and red teams, was used in nearly all the major cyberattacks of 2021.
- Phishing has become a complex game of custom content, contextual timing, the exploitation of norms and everyday tools and sophisticated corporate impersonation.
- The slate of the most impersonated companies was reshuffled (the top five targeted brands in 2021 accounted for more than 54 percent of detected phishing URLs).
- Average ransomware payouts jumped from $6,733 in 2018 to $322,168 in 2021.
- “Stealth” ransomware attacks are emerging wherein companies are pushed to pay ransoms before the data is encrypted and exfiltrated.
This list is just the tip of the iceberg. Emerging and growing threats include deepfakes and URL shortener exploitation and malicious IPs and complex social engineering, and, and, and, and… The list goes on. It’s as creative as it is expansive and reminds us that predicting what’s coming next on the threat front is virtually impossible. And it’s a walking advertisement for cyber resilience [CF2]and the need for a layered strategy to deal with today’s threats.
How to help clients battle emerging threats
Sharing the 2022 BrightCloud Threat Report—or any current piece of cyberthreat research, for that matter—can deliver the sobering moment you need for your clients to understand just how sophisticated cybercrime has become and why they need layered cyber resilience. It’s also essential to help them understand that sophisticated defenses don’t have to be complicated or burdensome to them. That’s what you and your provider partner are for—to focus on cyber resilience so they can focus on their business.
Consider breaking your resilience discussions into three pieces that are easy for your clients to digest:
- Stronger human defenses: The bulk of today’s breaches start with human exploitation. To date, businesses have been notoriously slow to adopt security awareness training (SAT). That’s no longer tenable. Cybercrooks target people for one reason—it’s the easiest way to be successful. Whether we’re talking about basic cyber hygiene, how to spot phishing attacks, or how to combat URL-shortener exploitation, SAT is the only way to shore up defenses in the weakest part of the organization.
- Human-enhanced machine defenses: The best cybersecurity solutions incorporate two components at all levels of security, whether we’re discussing protective DNS, endpoint security, network security, managed detection and response (MDR) or any other cybersecurity feature or subset. The first component is world-class threat intelligence powered by deep libraries and databases, global reach, and high-performance artificial intelligence (AI) and machine learning (ML). The second component is world-class security personnel that can analyze events flagged by threat intelligence and initiate and manage remediations when needed.
- Rapid recovery power: The final piece is backup and restoration ability. The right solutions delivered at the right places can instantly isolate, patch and rapidly restore data and applications at scale from a single endpoint or compromised cloud account all the way up to entire systems and databases.
When working in tandem, these three pieces can deliver robust defenses against known threats and those that haven’t been created and give businesses true confidence in their ability to weather everything from natural disasters to phishing and ransomware attacks.
It’s easier and more effective with one provider
When you can source all your cyber resilience solutions from a single provider partner, life gets easier for your MSP and your clients. All the resilience components work together by design. Experts steeped in security can advise and support you and your clients around the clock. And your MSP can gain a single point of contact for everything from sales support to helping clients respond to attacks.