As cyber threats intensify and the human and financial resources available to deal with them remain limited, there is a growing need for automation in cybersecurity. The intelligent automation of key cybersecurity processes can significantly improve an organization’s posture and at the same time support under-pressure employees by reducing reliance on manual processes.

Nowadays, organizations are exposed to a high volume of security related information. Unfortunately, most of these organizations have little to no capabilities of using this information in a proactive manner, i.e. using information to try to change or anticipate an outcome. In other words, using information to produce intelligence products. It is safe to say that few of these organizations have a clear understanding of what Cyber Threat Intelligence (CTI) is and what it is not.

As both consumer and commercial banking clients shift to primarily utilize online banking, they still have high expectations that their financial assets will be secure. In 2021, the banking industry reported 703 cyberattack attempts per week — a 53% increase from 2020. And the cost of cyberattacks in the industry has reached $18.3 million annually per breach.

As we wrap up Cybersecurity Awareness Month (CSAM) 2022, the final topic we’ll cover is updating software and patching vulnerabilities. According to the 2022 Data Breach Investigations Report (DBIR) from Verizon one of the top paths threat actors use to infiltrate organizations is exploiting vulnerabilities. And there appears to be no end in sight as the number of unique security vulnerabilities rose almost 10% in 2021, up to 20,142 from 18,351 in 2020.

The Elastic Security Labs team is passionate about securing the world’s data from attack, and strives to raise the bar within the security industry. To this end, Elastic Security Labs has compiled the 2022 Global Threat Report to share trends and tactics adversaries and attack groups use, as observed by our threat research team and broader user community over the past year. Let’s dig into a few of the endpoint related findings.

The Anti-Phishing Working Group (APWG) Phishing Activity Trends Report reveals that in Q2 of 2022 there were 1,097,811 total phishing attacks. This marks the worst quarter for phishing observed to date, exceeding Q1 of 2022 which was the first time the three-month total exceeded one million.

TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their cyber resilience. Thanks to its threat intelligence offering, Outpost24 is well-positioned to create attack scenarios in line with the TIBER-EU framework.

In our previous Cyber Security Awareness Month (CSAM) blog we talked about the added value we as cybersecurity practitioners can bring to the table by sharing knowledge we take for granted with individuals across the organization that will ultimately help strengthen defenses. The first topic we covered was multi-factor authentication (MFA). CSAM’s next topic is using strong passwords. Here are a few tips we have found useful to share with colleagues, as well as family and friends.