Annual Security Report: addendum

At the end of Q1, we’re looking back at the November – December numbers, to see if they influence the trends described in our Annual Security Report (which was based on the first 10 months in 2018). When taking these new numbers in to account we only see marginal changes, (within the 2-3% range). The one exception is that relatively more threats have hit smaller organizations: they experience over 6 times more incidents per employee than bigger ones.

Preface

Every year, SecureLink publishes the Annual Security Report. In it, we describe trends we observe from our 5 Cyber Defense Centers, derived from trillions of data points. In the 2018 edition, we saw it’s difficult to detect social engineering, cryptojacking is not as big of an issue as mentioned in other reports, and smaller business get hit harder than others, in relative numbers.

We used numbers from January through October for the report. That’s why, at the end of the quarter, we’re looking at the November – December numbers, to see if they influenced the trends.

An increase in numbers

We added 4627 more security incidents to the data set. We have had an additional 113,397 alerts. Diving into the numbers we assessed that, even with a high amount of false positives in this Q4 set, on average there’s been a lot more security incidents in November and December than average in 2018. The distribution hasn’t changed much: Account Anomalies have increased by 1%, while Social Engineering has decreased by 1%, showing it’s difficult to detect.

Malware trends

Malware trends have mostly continued in the last part of the year. Backdoors such as RATs showed a spike, which was caused by a local, concentrated campaign.

Some things never change...

The criticality of incidents, and distribution of threat types per vertical have fluctuated in the 2-3% range.

Trend break: small organizations hit harder

November and December showed a change in the numbers for Small Business (under a 1000 employees). These organizations experienced quite an unexpected increase of incidents. The metric “incidents per 100 employees”, went up from 6.8 to 9.1. This is quite a huge leap. At the same time, Medium and Large organizations experienced less incidents than usual. As a result of this their ratio’s remained 1.5 and 1.3.

The upshot from all of this is that smaller organizations now experience over 6 times more incidents than larger ones.

The Authors: Diana Selck & Eward Driehuis

Get SecureLink’s Annual Security Report