DirectDefense Reports the Top Threats from 2022 and What's Trending for 2023
DirectDefense, Inc., an information security services company, today released its "Security Operations Threat Report," which identifies the top threats in 2022 and what's already trending for 2023. Using its proprietary ThreatAdvisor software, DirectDefense evaluated the managed services activities logged for its clients last year.
Of the hundreds of thousands of alerts managed, DirectDefense investigated 100% of them and acted on or dismissed 77%, so that only 23% needed client collaboration to close the event. This saved clients over 1.1 million hours in alert investigation time while providing 7x24x365 monitoring. The DirectDefense team identified seven threat types, including custom alerts created by DirectDefense based on its clients' unique needs and program support. Outside of custom alerts, foreign login activity and process analysis (suspicious application processes) represented almost 50% of the threats identified.
Surprisingly, phishing accounted for a low number of client alerts. This infrequency could be the result of tighter organizational email security protocols or simply fewer phishing attempts overall due to the previous year's events, where threat actors scraped email addresses and personal information from social networking sites and took other approaches, like brute force attacks. It's worth noting that of the 7% phishing attempt alerts, 859 were positive phishing attempts and three of those escalated to an incident response engagement.
In 2022, DirectDefense spent nearly 30,000 hours on event triage, with approximately 7,600 hours attributed to level 1 / initial analysis and 21,700 to level 2 / secondary analysis and action.
Each DirectDefense SOC analyst spent an average of 1,723 hours on event triage and response.
In looking at 2023, the DirectDefense team identified four primary threats that top the list for security concerns.
The full report can be found at: https://go.directdefense.com/2022-Security-Operations-Threat-Report.
About DirectDefense, Inc.
DirectDefense provides enterprise risk assessments, penetration testing, ICS/SCADA security services, and 24/7 managed security services for companies of all sizes. Focused on building security resiliency, the firm offers comprehensive security testing services with specialization in application security, vulnerability assessments, penetration testing, and compliance assurance testing. Its team of highly talented consultants has worked with the majority of the Fortune 100 companies, in industries such as power and utility, gaming, retail, financial, media, travel, aerospace, healthcare, and technology. More information can be found at www.directdefense.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230315005308/en/