CYREBRO Analysis: Vulnerability Exploitation is the Top Threat to SMBs
Software and IT among the biggest sectors at risk for attack
TEL AVIV, Israel, Feb. 3, 2022 /PRNewswire/ -- CYREBRO, the developers of the first online, technology-agnostic Security Operations Center (SOC) Platform, unveiled research revealing that vulnerability exploitation was the top threat against SMBs in 2021. CYREBRO analyzed over 310 thousand alerts from its customers, of which 80 percent are SMBs across a wide array of industries.
Since the beginning of 2021, 40 percent of attacks that CYREBRO investigated were based on vulnerability exploits coming from sophisticated threat actors. Phishing accounted for five percent of all attacks while supply chain attacks represented only one percent. Enterprises were more at risk from supply chain attacks due to the higher number of tools, endpoints and individual users compared to SMBs.
"Given how phishing dominates discussions within cybersecurity, it was surprising to find that vulnerability exploitation was the top attack risk in our research," said CYREBRO CTO Ori Arbel. "Last year ended with the exploitation of Log4j - one of the worst internet threats in the last decade - and it will likely besiege SMBs for years to come. Many small companies that operate with minimal security personnel don't have a clear understanding of every program they use and the software components within each of those systems, making vulnerabilities a challenge to manage and effectively keep on top of."
Software and IT sector companies were at the largest risk of attack, accounting for one in four threats, while companies within the financial/banking sector accounted for about one in five. Despite healthcare being one of the most sensitive sectors for enterprises, CYREBRO found only six percent of attacks were within this sector as most of their customers are SMBs.
CYREBRO's report advises that it is critical for all SMBs to step up their cybersecurity efforts, and ensure that software vulnerabilities are fixed quickly with the latest updates implemented throughout the organization. Companies should also use known block lists to restrict dangerous sources in addition to using network intrusion protection systems, to detect malware attempts, and anti-virus/anti-malware solutions to detect known phishing campaigns and the associated malware.
CYREBRO collected data from over one million computer entities from the beginning of 2021, and analyzed the number of events, alerts, and cases it intercepted and investigated.
About CYREBRO
CYREBRO offers a first-of-its-kind online managed interactive SOC that removes the extra step of logging into multiple programs, transforming how today's businesses respond to and mitigate cyber threats. The platform provides complete clarity, insight, and real-time cyber recommendations for businesses of all sizes by integrating all of their security events into one central command. CYREBRO secures users through its 24/7/365 strategic monitoring, proactive threat intelligence, forensic investigation, incident response, and optimization that is agnostic to any technology. To learn more, visit www.cyrebro.io.
For more information, please contact:
Josh Turner
Si14 Global Communications
cyrebropr@si14global.com
Mobile: +1-917-231-0550
Share this article