According to the NTT Security‘s 2019 Global Threat Intelligence Report, the finance industry in EMEA accounted for 30% of all attacks – compared to 17% globally, reinforcing its vulnerability to cybercrime.
As such, finance has knocked business and professional services off the top spot, which was last year’s most attacked sector at 20%.
The report found that web application attacks are largely to blame, almost doubling from 22% to 43% over the last year. Similarly, manufacturing experienced a massive surge in web attacks (rising from 9% to 42%), although the overall attack volume across EMEA decreased.
“These attacks most often rely on leveraging an exposed unpatched vulnerability or misconfigured system, targeting organisations with high volumes of sensitive data,” said Kai Grunwitz, SVP NTT Security EMEA. “The consequences could be devastating as it could be used for financial gain, industry superiority or corporate espionage. Our GTIR once again highlights the fact that critical vulnerabilities – both old and new – need to be patched as quickly as possible in client environments, especially given the convergence of IT with Operational Technology.”
Vulnerable web apps: An organisation’s weak point?
The majority of successful network penetration tests in 2017, broke in via vulnerable web apps
Fumitaka Takeuchi, vice president, managed security service taskforce, corporate planning at NTT Communications, added: “Many organisations are caught up in simply buying solutions to problems that either don‘t really exist, or a solution that costs more than the potential loss being prevented. Our advice for organisations, regardless of the industry they operate in, is to leverage existing relationships with trusted experts and to keep an eye on professional and managed service maturity in the cyber security space. First and foremost, it is essential to know where the real risks lie and then develop solutions accordingly.”
The report gathered data from NTT Security and supported operating companies from October 1, 2017, to September 30, 2018.
10 cyber security trends to look out for in 2019