As the role of cybersecurity in large businesses increases remarkably year over year, the importance of Security Operations Centers (SOCs) is becoming paramount. This year’s Kaspersky Security Bulletin ends with tailored predictions for SOCs – from external and internal points of view. The first part of this report is devoted to the most current threats any SOC is likely to face in 2023. Based on our extensive Managed Detection and Response (MDR) experience and the dynamics we have seen over the years, we provide insights into the trends set to shape the threat landscape for enterprises this year. The second part is devoted to SOC trends from an internal point of view. Here we analyze challenges that managers will face regarding personnel, budgets and functions. They are closely intertwined with the threats looming over corporations in 2023, as only an effectively organized team can safeguard business against rapidly evolving malware and attack methods.
Part 1. What threats security operations centers will face in 2023
Ransomware will increasingly destroy data instead of encrypting it
Cyberspace reflects the global agenda, and geopolitical turbulence influences the attack surface. That’s why in 2023 we can expect the echoes of cyberwarfare to continue reverberating. The most common attack scenarios here are: attacks on employees (social engineering), attacks on IT infrastructure (DDoS), as well as attacks on critical infrastructure. Another interesting trend that started in 2022 and will continue in 2023 is that ransomware now not only encrypts companies’ data, but destroys it in certain cases. This threat looms large over organizations that are subject to politically motivated attacks, which look destined to be on the rise in the coming year.
Public-facing applications will continue to be exploited for initial access
Largely due to some notorious critical vulnerabilities in Exchange ..
Support the originator by clicking the read the rest link below.