As we bid farewell to 2023, we reflect on the key findings that the Media Sonar research team has gathered throughout the year. From the increasing reliance on web intelligence to the resource shortages organizations face, follow along as we unravel the intricacies underpinning the ongoing battle against cyber threats.
1. Cybersecurity threats were forecasted to grow in 2023 (and they did).
At the beginning of 2023, we asked 1440 security professionals what they predicted would happen to the volume of cybersecurity threats throughout 2023. 95% predicted an increase in cybersecurity threats, 4% believed the volume would stay the same, and only 1% expected to see a decrease.
Several cybersecurity statistics have proven this prediction to be correct. Data breaches in the US increased by 20% in the first nine months of 2023 compared to what previous years saw across 12 months. As well, reported ransomware attacks increased by 97% in Q2 of 2023 compared to Q2 of 2022.
2. Many organizations have accepted that there is no such thing as being 100% secure.
As cybersecurity risks grow in frequency and sophistication, an overwhelming 96% of security professionals believe it is impossible for organizations to be 100% secure. This mindset has shifted how many organizations approach security. Instead of trying to stop every attack, the goal is to find a balance between preventative measures that reduce risk and reactive measures that will mitigate the impact if an attack occurs.
Earlier this year, we published an article called “” that dove deeper into this idea. We explored the key reasons why there is no such thing as being immune to cybersecurity risks and how to measure a security program’s success beyond the absence of attacks.
3. AI is the leading factor that has led to the growth in cybersecurity risks.
In a survey of over 900 security professionals, Artificial Intelligence (AI) is believed to be the primary factor contributing to the growth in cybersecurity risks. While AI can help enhance security capabilities, its increasing sophistication also provides malicious actors with the tools to devise more evasive and targeted strategies. As AI continues its rapid evolution, the year 2024 is poised to witness a continued escalation in cybersecurity risks.
Remote work and IoT were other notable but comparatively smaller factors that respondents believed to be contributing to the growth in cybersecurity risks. Surprisingly, cloud technology, which has become integral to modern business operations, is perceived as a less significant contributor, with only 11% of respondents citing it as a major factor in the proliferation of cybersecurity risks.
4. Most organizations are accounting for risks beyond network walls.
Since modern organizations are not operating within four walls or corporate-controlled networks, they can no longer rely on internal security tools such as firewalls and endpoint protections. To strengthen security posture in today’s security landscape, organizations must extend security coverage beyond the traditional corporate perimeter.
Our research team has found that more and more organizations are recognizing the importance of accounting for risks beyond network walls. In fact, 71% of security professionals consider information from the social, surface, deep, and dark web as a core part of their security strategy.
5. Several organizations are working with web intelligence daily.
The frequency at which many organizations use web intelligence is also indicative of its importance in strengthening security posture. Our research found that 59% of organizations use web intelligence daily, and 28% acknowledge periodic utilization.
While daily utilization of web intelligence has several benefits, many organizations do not have the bandwidth for collecting this information and identifying/triaging risks on a daily basis. Assessing risks and exposures across online networks on a more periodic basis still provides several benefits, such as providing a baseline understanding of digital footprint hygiene, justifying further investment into security measures, and demonstrating that an organization is taking tangible steps toward strengthening security posture.
6. Leveraging web intelligence is a multi-person initiative.
Not only are many organizations dedicating substantial time to overseeing the external attack surface, but they are also assigning multiple individuals within the organization to this responsibility. Our findings reveal that 71% of organizations have a minimum of two people tasked with protecting assets across online networks, with 43% deploying a team of more than five individuals. This emphasizes the increasing acknowledgment of the pivotal role that web intelligence plays in enhancing overall security defenses.
7. Expertise is the most significant resource shortage.
Considering many organizations are allocating 5+ people to managing risks across online networks, it is not surprising that the most significant resource limitation when using web intelligence is lack of expertise. Finding a multiple-person team skilled in this area of security is challenging, especially among the growing security talent gap.
Earlier this year, We hosted a webinar on how organizations can address the security talent gap. Download “The Cybersecurity Talent Gap: Opportunities & Obstacles for Service Providers” here.
Looking Ahead to 2024
The 2023 cybersecurity landscape reveals a stark reality: security threats are on the rise, the attack surface has expanded, and achieving absolute security is now a thing of the past. Many organizations have started to rethink their security strategies and have begun accounting for risks beyond network walls. However, identifying and mitigating risks across online networks is daunting and demands time, budget, and resources that many organizations lack.
Amidst these challenges, Media Sonar Digital Risk Assessments (DRAs) stand out as a compelling solution. By harnessing the power of web intelligence, these assessments deliver analyst-generated reports that identify and prioritize risks alongside actionable remediation recommendations. Whether on a one-time or recurring basis, Media Sonar DRAs empower organizations to fortify their defenses and enhance their security posture in the face of an increasingly sophisticated threat landscape.