Leverage last year’s headlines to inform a more secure 2024
1.
According to Infosecurity Magazine, 63% of hackers reported finding a vulnerability this past year that they had not encountered before.
Hot Take for 2024
With the increase in new vulnerabilities, it’s time to rethink your vulnerability management program. If you’re using automated scanning tools but not pentesting, you’re risking a breach.
2.
According to IBM’s 2023 Cost of Data Breach Report, the average total cost of data breaches in the United States increased to a whopping $9.48 million, representing a 76% increase since 2013.
Hot Take for 2024
Although it’s impossible to be fully protected from a breach, you need a strong cybersecurity plan to minimize the potential damage — which should include an offensive component.
3.
According to researchers at NCC Group, as of the end of November 2023, the total number of attacks around the world hit 4,276, more than double the number of attacks seen the previous year.
Hot Take for 2024
As stated in Deloitte’s Threat Report, these ransomware attacks represent an “urgent need for offensive security practices,” including pentesting, attack surface management, security training, red teaming or tabletop simulations, and continuous assessment and validation.
4.
The White House released a new plan to ensure security in digital ecosystems and “reimagine cyberspace as a tool to achieve our goals.” The plan is to shift the responsibility for security onto organizations, less on small businesses, to help risk for all now and into the future.
Hot Take for 2024
Stricter cybersecurity standards for organizations means the stakes are higher than ever. To operate with the federal government, you’ll need to show compliance – and this will likely trickle down to other sectors.
5.
The National Institute of Standards and Technology (NIST) officially released a draft with context into the strategies needed to incorporate software supply chain security measures into CI/CD pipelines. The document essentially outlines the need for DevSecOp.
Hot Take for 2024
If you haven’t jumped on the DevSecOps bandwagon yet, it’s time to do so. When development and operations teams work together to ensure an application’s security, it drastically reduces the chances of an unwanted incident.
Jump Start the New Year With PlexTrac
Go on the offensive in 2024!
PlexTrac is the premier platform for automating offensive security management and reporting — empowering teams to achieve their security goals.
Source: https://plextrac.com/5-need-to-know-cybersecurity-stats-from-2023/
