Trend Micro Incorporated, a world leader in cybersecurity, released its Trend Micro Cyber Risk Index (CRI) report, in which it exposed the increase and risk of cyber-attacks in the last year.
According to this new survey, 80% of global organizations indicate that they are likely to experience a data breach affecting their customers’ information in the next 12 months.
The Cyber Risk Index (CRI) conducted in 1H2021 by Trend Micro and the Ponemon Institute surveyed IT managers in Europe, Asia-Pacific, Latin America, and North America. It used its findings to create an index that can assess the maturity level of an organization facing cyber risks. Three of the four regions showed an elevated level of risk, while Latin America presents a moderate risk.
The CRI bases its records on a numerical scale from -10 to 10, where -10 represents the highest level of risk. The current global index stands at -0.42, a slight increase from last year, indicating a “high” risk. Likewise, IT managers surveyed appear to be concerned that they will receive a successful attack in the next 12 months in all four regions. In the next 12 months, the medium to a high probability of compromise is nine out of ten in North America, Europe, and Latin America, and eight out of ten in Asia-Pacific.
In the case of the region, Latin America presents a moderate risk with a score of +0.06, so it must have a high probability of commitment. LATAM’s highest CPI, Cyber Preparedness Index (represents the preparation of an organization to defend against cyberattacks) risks focus on challenges with executive-level authority and security priority, but also focus on areas where a company may need to review how they have enabled security within these areas. DevOps is a new area that organizations are taking advantage of, but it does not get enough attention from security.
“Once again, we have found a lot of information to keep CISOs awake, as we have found everything from operational and infrastructure risks to data protection, threat activity, and challenges in a humane way,” said Jon Clay, vice president of intelligence for Trend Micro threats. “To reduce cyber risk, organizations must be better prepared by going back to basics, identifying the critical data at greatest risk, targeting the threats that matter most to their business, and providing multi-layered protection from end-to-end connected platforms.”
The main cyber risks in Latin America highlighted in the report were the following:
1. Ransomware
2. Watering hole attacks
3. Advanced persistent threats (APT)
4. Malicious inmates
5. Fileless attacks
As in other regions, misalignment of the organization is one of the leading security risks and creates challenges for security teams in Latin America. Likewise, new hires are also a big concern, representing trusted employees who are challenging to deal with and identify when they are malicious. LATAM still uses local data centers like Asia-Pacific, so this infrastructure is included as the main risk. No other region had mobile devices in its top five, so it could show that LATAM respondents are more concerned about this attack surface than in other areas.
On the other hand, globally, among the two main infrastructure risks was cloud computing, which is why global organizations gave it a 6.77, classifying it as considerable risk on the 10-point scale of the index. Also, a high number of respondents admitted that they spend “considerable resources” on risk management from third parties, such as cloud providers.
Finally, the main challenges to cybersecurity readiness include limitations for security leaders who lack the authority and resources to achieve a strong security posture and organizations struggling to enable security technologies that are sufficient to protect your data assets and IT infrastructure.