View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Malware awareness isn’t enough as Crime-as-a-Service threatens to overwhelm businesses

The Global Threat Landscape Report says organisations need to deploy more than just malware awareness to stay protected against attacks.

By Hannah Williams

The majority of cyber threats organisations face is being fuelled by a Crime-as-a-Service infrastructure that gives adversaries the ability to operate globally at light speed, according to the Global Threat Landscape Report.

The report analyses the cyber security kill chain with a close focus on three central aspects of the landscape such as application exploits, malicious software and botnets against important enterprise technology and industry sector trends.

It was found that the use of modern tools and Crime-as-a-Service infrastructures enables adversaries to operate on a global scale at light speed.

An understanding of how exploit trends and ransomware spreads is essential, especially after the effect of the recent WannaCry attack which hit thousands of organisations around the world.

The report found that 80% of organisations are said to have reported high exploits against their systems, with the majority of the vulnerabilities targeted being released in the last five years.

Read more: Global cybersecurity threats continue to rise

Phil Quade, CISO, Fortinet said: “In the past year, highly-publicised cybersecurity incidents have raised public awareness of how our TVs & phones can be manipulated to deny others’ internet availability, and have shown, that demanding ransom is being used to disrupt vital patient care services.

“Yet, awareness alone isn’t enough. Unfortunately, as organisations increasingly adopt convenience and cost-savings IT techniques such as cloud services, or add a variety of smart devices to their network, visibility and control of their security is at risk.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

As discovered, attacks are continuously spreading across global areas, rather than just being aware of the attack a study of malware will enable organisations to be prepared for the intrusion stages of the different attacks, according to the report.

The report says mobile malware may be challenging to protect, however, the amount of attacks were found to remain steady from Q4 2016 to Q1 2017 with only 20% of organisations detecting it. Despite this, mobile malware rose in every region except the Middle East.

A survey conducted by Accenture in 2016 found that 106 targeted cyber-attacks are faced by the average organisation per year.

The pace of innovation in technology has drastically changed the way that businesses operate and this is something that the report says organisations need to recognise.

The rush to adopt public and private cloud solutions, the introduction of the Internet of Things and more, all require security visibility and control. Essentially, the threat surface has increased dramatically, for example, the median number of cloud applications used per organisation is now 62.

To help overcome this growing challenge the report says organisations should get an understanding of all trends and the likely threats that may arise.


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.