A report from Trend Micro this week announced that global cyber-risk levels have improved from “elevated” to “moderate” in the last six months, and data from SonicWall in February reported a 21% decline in ransomware. Granted, the 493.3 million ransomware attacks attempted in 2022 was the second highest total ever recorded, but after multiple years of steep increases, a dip is still a dip.
Is it possible we’ve turned some kind of cybersecurity corner?
Yes, says Chester Wisniewski, field CTO for applied research at Sophos. “You have to be a cynic to work in security for 25 years, so I usually don’t look on the bright side of things,” he chuckles. But the investments businesses are belatedly making in continually more effective tools and techniques are genuinely having an impact.
“We’re defending better,” Wisniewski says.
Tony Anscombe, chief security evangelist at ESET, concurs. “Cybersecurity has got better,” he says. “Awareness has got better at the end user level.”
Vendors have gotten better at collaborating on security too, adds Barracuda Networks CTO Fleming Shi, citing Amazon Security Lake as an example. Based on the Open Cyber Security Schema Framework, that project pools telemetry from multiple sources, including Barracuda, to identify and remediate threats faster.
“You have to work together,” Shi says. “Otherwise, every time it’s just the bad guys are ahead of us.”
That said, neither he nor any other security expert is remotely close to declaring victory just yet. “It’s still early,” Shi says.
Indeed, some experts suspect Russia’s invasion of Ukraine, rather than better cyber defenses, is why ransomware has been slowing. The two countries, which are both notorious sources of threat activity, attack each other more often than outsiders these days. “There might have been some disruption because there’s just so much that comes from that area of the world,” says Raffael Marty, executive vice president and general manager of cybersecurity at ConnectWise.
Other observers say we’re already trending back in the wrong direction.
“The insurance companies have their finger on the pulse of how painful these ransomware and other serious incidents are because, of course, everyone’s paying out claims,” says Eric Skinner, vice president of market strategy at Trend Micro. “The insurance people will tell you in late 2022 and in Q1 of 2023, ransomware did a bit of a rebound.”
And for all the headway businesses have made on embracing good cyber hygiene, much more is required. “Almost half of the incidents that we responded to last year were still from unpatched exposed devices,” Wisniewski observes of Sophos’s MDR service.
