The recent release of new data from U.K. cyber insurer Beazley’s brings to light what kinds of attacks their customers are experiencing and who’s at risk.
Cyberattacks in the U.K. occurred an average of one per minute in 2019. While so many attacks can appear indiscriminate in nature, cyber insurer Beazley brings some order to the perceived cyber-chaos, helping U.K. organisations understand the nature of attacks and their targets.
Beazley’s 2020 Breach Briefing covered some of the trends experienced by their customers between 2018 and 2019. According to the briefing:
- Business Email Compromise (BEC) was down slightly (12 percent) in 2019
- Ransomware saw a massive increase of 131 percent
- The top cause of loss (54 percent) was “hacking or malware”
- Healthcare was the most targeted industry (35 percent of attacks)
- Small and Medium Businesses were the largest target (62 percent)
According to Beazley, remote desktop and phishing attacks were the two primary attack vectors. This aligns with previous industry data we’ve seen. As we’ve previously recommended, RDP attacks can be best addressed by eliminating Internet-facing access to an RDP session, using a VPN, and leveraging a third-party remote desktop product.
Phishing requires a bit of a layered security strategy, including DNS and email scanning, endpoint-based AV, endpoint detection and response solutions, and – most importantly – Security Awareness Training for your users. The other solutions are designed to attempt to detect and stop phishing attacks, but it’s Security Awareness training that empowers users to be included in the security strategy by teaching them to be mindful of (and spot) suspicious and potentially malicious emails before interacting with them.
Request A Demo: Security Awareness Training
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilise users as your last line of defence. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW