7.26.23 > Lee Ann Villella

Protecting people and defending data in the face of cyber threats is crucial based on trends and patterns that have emerged in the cybercriminal landscape. Several key factors include:

  1. Evolution of Cybercriminal Business Models: Cybercriminals have honed their strategies and now primarily focus on three profitable business models: ransomware, data extortion, and business email compromise (BEC). These models have proven to be highly lucrative, outcompeting other illicit activities.
  2. Prevalence of Ransomware and Data Extortion: Ransomware attacks have become increasingly common, where cybercriminals encrypt victims’ data and demand ransom payments to release it. Data extortion is closely related, involving threats to publish sensitive information unless a payment is made.
  3. Impact of BEC: Business Email Compromise (BEC) continues to be a major source of financial losses. This type of attack involves impersonating trusted individuals to deceive employees into transferring funds or sensitive data.
  4. Focus on People and Data: The underlying theme across various threat types is the exploitation of human vulnerabilities. Whether it’s through phishing, social engineering, or insider threats, cybercriminals target people as the weakest link in the security chain. Moreover, data remains a prime target for insiders and is crucial for extortion actors to inflict maximum damage.
  5. Worsening Trends: The overall threat landscape is showing alarming trends. Average ransom payments are on the rise, indicating that cybercriminals are successfully extorting more money from their victims. BEC losses are at record highs, causing significant financial damage. Additionally, data loss incidents are also increasing, posing severe risks to organizations and individuals.
  6. Global Impact: Cyber threats are not limited to specific regions or countries. Incidents of intellectual property (IP) theft are rising worldwide and causing more significant damage than ever before. Major law enforcement agencies, such as the FBI in the U.S. and MI-5 in the UK, are actively involved in combating these threats.

Given these emerging patterns, protecting individuals and organizations from cyber threats and securing valuable data has become a critical priority. Cybersecurity measures such as robust data protection, employee training, threat detection, and incident response plans are essential to mitigate the risks posed by cybercriminals and safeguard against potential financial and reputational damages.

Protecting people and the data important to their organization and personal life is part of creating better cyber resilience. The philosophy is to break the links in the attack chain, as attackers rely on standardized techniques that exploit initial compromises, privilege escalation, and lateral movement.

Join Proofpoint at the Summit on Tuesday October 24. Bar Maor, Security Research Team Lead will lead a 50-minute tech session on “Unmasking AWS Deceptions: Unraveling Cloud Security’s Sneaky Side.”

Lee Ann Villella > Security Consultant, Proofpoint

Lee Ann has been a member of the Cybersecurity Summit Think Tank for 3.5 years. She volunteers with the Women in Cybersecurity MN Chapter (WiCyS MN) supporting membership and the annual golf tournament.

She is passionate about mentoring young people and those transitioning into cybersecurity careers. Lee Ann Villella serves customers via Proofpoint, a leading cybersecurity company protecting people, data, and brands against advanced threats and compliance risks.

Lee Ann brings over 20 years in sales and account management across a wide variety of industries. She holds a B.A. degree in English and Women’s Studies from St. Olaf College.

You can Connect with Lee Ann here at The Summit

And on LinkedIn at https://www.linkedin.com/in/leeannvillella/