What are the biggest cybersecurity threats right now?

6.8k views1 Upvote14 Comments

Sort by:

CISO/CPO & Adjunct Law Professor in Finance (non-banking)2 years ago

Supply chain attacks stemming from social engineering or zero day vulnerabilities. The heightened risk comes from the trojan horse (compromised business partner) having access to your infrastructure. The network edge today is more like a club with a velvet rope guarded by a bouncer than the archaic stylized brick walls in network diagrams. Most business have network connections to key business partners, but there is no ability to control business partner's security.

Deputy Chief Information Officer2 years ago

Ransomware at the top but not to overlook how phishing remains pervasive, with sophisticated social engineering tactics to trick users into disclosing sensitive information. With the increasing adoption of cloud services, misconfigured cloud security settings and inadequate access controls are also a top concern.

CTO in Software4 years ago

Business Email Compromise (BEC) is probably the biggest vector, RAT (remote access/administration trojan/toolset/threat) is probably the biggest threat (often linked to ransomware and/or exhilaration of data)

Director in Manufacturing4 years ago

Ransomeware - many via email but our tools are doing better at blocking

2 4 Replies

no title4 years ago

Employees access both personal and professional email on Corp laptops. Your anti-phishing solution protects both?

no title4 years ago

We don’t allow any access except through corporate vpn and no personal email access (gmail, yahoo, etc)

CEO in Software4 years ago

Ransomware- no doubts at all.

Content you might like

How can the risk management function be strengthened to counterbalance overly aggressive executive decisions?

Have you evaluated any “AI native” data security platforms so far (like Concentric AI, Normalyze, etc)? Interested to know your thoughts on these, whether or not you move forward with implementing.

How long does a CISO typically stay within his or her organization?

< 1 year4%

1 - 2 years36%

2 - 4 years41%

4 - 5 years11%

> 5 years6%

View Results

How are you securing your data in public cloud or SaaS? (select all that apply)

Access Management solution26%

SWG Solution (Secure Web Gateway)36%

SEG Solution (Secure Email Gateway)31%

Firewall solutions50%

CASB Solution22%

DLP solution29%

Antivirus Protection24%

SaaS Security Posture Management (SSPM)13%

Other2%

No Protection4%

We don’t have data in cloud or SaaS

View Results

As part of our NYSE IPO prep, we’re debating how to communicate our system hardening efforts in regulatory disclosures (e.g., SEC Form 20-F, SFC).

Would you recommend sharing % compliance (e.g., “85% CIS Tier 2”) or sticking to qualitative descriptions of how we identify and mitigate risks? Also, do SFC/ISO 27001 expectations require full ISMS integration, or is a % model acceptable?

What are the biggest cybersecurity threats right now?

Sort by:

Content you might like

How can the risk management function be strengthened to counterbalance overly aggressive executive decisions?

Have you evaluated any “AI native” data security platforms so far (like Concentric AI, Normalyze, etc)? Interested to know your thoughts on these, whether or not you move forward with implementing.

How long does a CISO typically stay within his or her organization?

How are you securing your data in public cloud or SaaS? (select all that apply)

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go