The 2023 Arctic Wolf State of Cybersecurity Trends Report takes the temperature of organizations around the globe to understand not only their current and future concerns, but how they are responding today to the problems that plagued them in previous years.
Our research shows that despite the enduring nature of many of these challenges, organizations are making measurable strides in areas where progress has proven limited in previous years.
But among these bright spots, perennial security challenges remain.
Ransomware Returns, and It’s Only Growing
One word appeared over and over when it came to organizations’ biggest concerns in 2023:
48% of organizations rank ransomware as their number one concern for the upcoming year.
This was also the top concern in the 2022 version of this report, and for good reason. Ransomware attacks continue to grow, and the growing popularity of ransomware-as-a-service (RaaS) has lowered the barrier for novice attackers to execute this style of attack.
Not only are organizations getting hit with ransomware attacks, but they may be inspiring future attacks by paying the demanded ransom. 74% of the time someone, either the victim themselves or a representing body such as an insurance company, chose to pay some percentage of the ransom.
It’s worth noting that many law enforcement agencies, including the FBI, take the position of never paying the ransom as this only emboldens attackers. Unfortunately, we understand that every situation is unique and while refusing to pay may seem morally correct, it may not be the best option for many victims.
Cloud Security is a Climbing Priority
The second most common concern identified in our report was in the area of cloud security gaps, with 42% of respondents stating that this was their primary area of worry. This directly correlates to the leading area of investment organizations reported for the new year: Securing their cloud resources.
Of those surveyed, 53% stated that they currently have plans to add or update their cloud security technology within the upcoming calendar year – a 31% increase from what respondents reported a year prior.
Additionally, respondents selected cloud security and evolving infrastructures as the area of cybersecurity they would like to learn more about in the coming year. This area is important for organizations to understand and stay current on. The further adoption of work-from-home architectures and distributed, digital environments have eroded the traditional network perimeter. Couple this with the financial incentives of cloud adoption and it’s easy to see why the cloud is becoming a growing area in information technology. As these vulnerable environments continue to grow and evolve so must the security teams tasked with monitoring and protecting these architectures.
Some Solutions Underwhelm, Some Solutions Go Ignored
While the investment in cloud resources is a positive development, a major solution is being left out of organizations’ plans: patch management. Exploited vulnerabilities are a growing issue, and research from the Ponemon Institute on vulnerability response states that 60% of breaches could have been prevented with a proper patch.
Interestingly, 25% of our respondents noted that vulnerabilities and patching was their biggest concern in 2023. While there is great value in focusing on remediating vulnerabilities, this statement runs contradictory to where many organizations seemingly plan to invest in the upcoming year. Only 18% of survey respondents plan to implement or improve their patch management system within the next year.
Just as organizations are prioritizing what could offer the most value to their security environment, they are also evaluating which solutions are providing the least value. One data point came as a surprise — 30% of organizations stated that their current endpoint technology tool provides the least value. This dissatisfaction in endpoint technology likely comes from a few issues, and our full report takes a deep dive into each.
A Shift Toward More Robust Technologies
However, all these issues point to a shift toward technology that offers more than just EDR. Two EDR-adjacent options: managed detection and response (MDR) and network traffic analysis (NTA), received much lower dissatisfaction rates. In other words, organizations are finding the most value in these EDR alternatives.
NTA allows security teams to detect threats at the network level. It is true that almost any breach will inevitably reach an endpoint, hence the value of endpoint visibility and endpoint security technology. However, pairing network traffic analysis with an endpoint technology allows for higher fidelity alerting and faster detection time. Quite often threats can be detected within network telemetry and then validated once they have reached the endpoint.
As for managed detection and response, this answers the question of who will utilize the tools that the organization has invested in. A quality MDR provider should be able to build upon and supplement an environment’s existing security stack by monitoring and responding 24×7. With this definition of MDR, it’s easy to see how many organizations find immediate value in this service.
Find Much More Inside the Trends Report
We’ve barely scratched the surface of the information available in the 2023 Arctic Wolf State of Cybersecurity Trends Report.
This crucial resource not only digs deeper into each of the topics above, but also presents revealing insights into:
- The top barriers keeping security teams from achieving their objectives
- Whether security budgets are expanding or retracting — and why
- The main concerns driving organizations’ security strategies in 2023
Plus, the report reveals startling responses to how organizations react post breach, and the ways that single decision can impact their security, their budget — and their reputation.
Get the whole story: Download the 2023 Arctic Wolf State of Cybersecurity Trends Report