Make the most of new ransomware insights: 2024 Verizon DBIR

Well, it’s that time of year again. Dads are firing up the grill, beachgoers are sweltering in bumper-to-bumper traffic, and IT security pros are poring over the 2024 Verizon Data Breach Investigations Report (DBIR).

As usual, this in-depth report is packed with critical information and data about the latest developments in the constantly evolving cyber threat landscape. And, as usual, the sheer wealth of data and statistics that it contains makes it challenging for busy CISOs and IT admins to extract relevant, actionable insights and to develop concrete plans based on them.

Join Barracuda for expert guidance

Fortunately, you don’t have to work your way through the report on your own. Register now for an upcoming Barracuda webinar where ransomware experts Mike Goldgof and Anastasia Hurley will make it easy for you to focus on the key takeaways that matter most to you—and on practical ways to update your security posture and ransomware recovery plan in response to the latest threat trends.

At the webinar, you’ll gain an in-depth understanding of how attackers are expanding and refining their strategies, including AI-enhanced phishing attacks, increasing use of non-email vectors to infiltrate target networks, and optimized monetization schemes that keep victims paying again and again over time.

DBIR details

Join the presentation to get clear, expert insights about the many enlightening findings of the DBIR, including:

• The 180% increase in the portion of breaches initiated by vulnerability-exploits 

• The dominance of intrusions using stolen credentials to access web applications

• The consistently high percentage of attacks that involve non-malicious insider threats 

Real-world attacks

Mike and Anastasia will also illustrate some of the new ransomware threats by analyzing recent, real-world attacks. You’ll understand exactly how these criminal intrusions unfold—and you’ll gain a clear accounting of their costly and operationally disruptive consequences.

And Mike and Anastasia won’t just give you a keen understanding of the dangers. They’ll also discuss the various approaches different organizations might take to detect and block the newest threats—and to improve their capacity to recover from a breach quickly and easily.

Credential abuse

Traditional password-based access controls are increasingly unreliable as vast amounts of credentials data has been, and is constantly being, stolen and provided to cyber crooks. Even multi-factor authentication (MFA) schemes are often vulnerable. 

The adoption of modern zero-trust access controls and network architectures makes it much harder for intruders to abuse stolen credentials. From specific resources and applications to network-wide zero trust, there are appropriate capabilities available for each organization’s needs.

The human element

About two thirds of attacks involved some kind of human error that allowed the attack chain to begin. Criminals are using AI to develop and deploy very sophisticated phishing attacks, and users are always vulnerable to a consequential moment of distraction.

While human error can never be completely prevented, modern security awareness training solutions like Barracuda Security Awareness Training reduce phishing successes and instill a culture of vigilance, and they let you identify and focus intensive training on your most vulnerable users. 

The authors of the 2024 Verizon Data Breach Investigations Report, speaking to the opportunity gap for training, say this about security awareness training: “It is not perfect, but if you had a clear investment path that could potentially improve the outcomes of more than two-thirds of potential breaches, you might at least sit down and listen.”

App vulnerability exploits

With email security improving, attacks that exploit app vulnerabilities are on a dramatic rise. It’s never been more important to ensure that all your apps and APIs are fully updated and secured. But manually monitoring and patching can be a huge challenge for limited IT teams as networks grow ever more extensive and complex.

Many admins have had bad experiences with web application firewalls (WAFs). Setting and constantly maintaining their complex configurations was way too much trouble. But there is a new generation of comprehensive web application and API protection (WAAP) platforms, such as Barracuda Application Protection, that are self-configuring and self-maintaining, and automate your web application and API security against all kinds of attacks. 

Don’t miss out

The webinar is coming up on June 20, so don’t delay. Reserve your spot and make sure you’ll gain the insights and information you need to most effectively plan your security adjustments and investment this year.