On the Cyber Horizon

Web security will become vital as we increasingly rely on web-based applications and SaaS services, suggested Michael Calev, vice president of corporate development and strategy at Perception Point. In this vein, cyber defenders are seeing problems with phishing, spearphishing, and, more importantly, evasion-related attacks.

“We can expect an increasing number of threat actors to target web users through these vectors [this] year. More cross-channel attacks can be expected, and we will see multi-layered attacks that start at one point and then spread across additional vectors,” Calev told TechNewsWorld.

This will lead to the advancement of extended detection and response (XDR) tools, and more companies will start scanning internal traffic to mitigate attacks as best they can, predicted Calev.

“Unfortunately, ransomware is here to stay, and we will see more double- and triple-extortion attacks. This will be accompanied by a growing number of account takeovers, with threat actors taking hold of legitimate accounts and attempting to mislead users and security vendors,” he warned.

Although other threat vectors will see significant growth in 2023, email will remain the largest, added Calev. Email is where the majority of attacks originate.

Paying Up, Not Fighting Back

According to a Perception Point-Osterman report, organizations pay an average of $1,197 per employee to address successful cyber incidents across email services, cloud collaboration apps or services, and web browsers.

This means that a 500-employee company spends $600,000 on cybersecurity annually. The figure excludes compliance fines, ransomware mitigation costs, and business losses from non-operational processes.

This excerpt first appeared in an article on ECommerce Times on February 3, 2023, written by Jack M. Germain.