Free Newsletters for the Channel
Register for Your Free Newsletter Now
Log4J/Log4Shell is still being actively exploited.
July 1, 2022
Unpatched systems – not employee error – prompted the most costly cyberattacks during the first quarter of 2022.
That’s according to a new Q1 2022 report by Tetra Defense, an Arctic Wolf company. Each quarter, Arctic Wolf‘s Tetra Defense collects and analyzes data and insights from its incident response engagements in the United States.
Scott Holewinski is Arctic Wolf‘s senior vice president and general manager of incident response.
Arctic Wolf’s Scott Holewinski
“User action is often touted in the media as a top point of compromise, with the fear-mongering attached,” he said. “Reports that someone from HR clicked on a link and single-handedly invited a ransomware attack into their organization are a cautionary tale used by many vendors and employers alike to articulate the consequences of a simple user action.”
User action can be a piece of a threat actor’s strategy, Holewinski said. However, it’s not the easiest way in, nor is it the most popular.
Holewinski said there are a lot of encouraging findings in this report.
“The most significant is that 82% of major cyber incidents are preventable by making sure your organization does not have any vulnerabilities on the perimeter of the network and do not allow external remote desktop protocol (RDP) access directly to workstations or servers,” he said. “If you combine that with using multifactor authentication (MFA), user awareness training, and some level of managed detection and response, your organization will no longer be low-hanging fruit for a major cyber incident. A lot of these are economical to implement. Other than the people time, patching vulnerabilities is usually free.”
Scroll through our slideshow above for more from Tetra Defense’s report on the cost of unpatched systems and more.
You May Also Like
Best Technology Consultants 2024: Top 101 Agents & Advisors Ranked (L-Z)Mar 4, 2024
The Gately Report: AI Increasing Need for Zero Trust, ThreatLockerMar 4, 2024
Best Technology Consultants 2024: Top 101 Agents & Advisors Ranked (A-K)Mar 4, 2024
Channel People on the Move: AT&T, C1, Mitel, TD Synnex, MoreMar 1, 2024