What tech executives can learn from 2023’s most notable cybersecurity breaches

Cybersecurity breaches remain on the rise, affecting organizations of all sizes, sectors, geographies, and industries. Despite continued investments in security technology, processes, and resources, cyber threats are becoming increasingly complex, challenging even the most powerful security teams.

Technology executives should use lessons learned from the top 100 cybersecurity breaches of 2023 to strengthen their security program practices and avoid similar problems. Forrester found that:

• In many breaches, the root cause remains a mystery or is never made public. One of the most surprising findings from the survey is the high number of breaches with unknown root causes. This trend is particularly pronounced in APAC and EMEA, where breach notification laws and practices are still evolving. A different pattern was observed in North America, where third-party vulnerabilities indicate attackers focused on supply chain weaknesses. Security leaders must prioritize identifying and reporting the root causes of breaches to develop more effective prevention strategies and comply with regulatory requirements.
• Third parties remain the weakest link. Third-party vulnerabilities significantly impact four out of seven industries, with larger companies being more affected by third-party vulnerabilities than smaller companies. This may seem counterintuitive, but larger companies have larger ecosystems of third parties, which means more suppliers through which they can enter. Attackers prefer to exploit weaknesses in suppliers that have access to larger companies, and are overly likely to attack suppliers directly due to weaker security practices found in many of these suppliers.
• Weak or stolen credentials are a nightmare for small businesses. Small businesses are disproportionately affected by breaches related to weak or stolen credentials. These incidents are often the result of misconfigurations, poor identity governance, and credential reuse. Small organizations often have smaller security budgets and don’t have their own security departments, yet they are a critical link in larger supply chains. The impact of third-party and supply chain risks means it’s crucial to ensure that small organizations are protected.
• Social engineering remains a timeless and classic technique. Social engineering continues to be a favored technique for cybercriminals who exploit human error to gain unauthorized access. While the overall incidence of this type is declining, it remains a significant threat, especially with the advent of generative AI tools that can create more convincing phishing messages and break down language barriers. Japan, for example, recently saw a 35% year-over-year increase in BEC attempts. Businesses have no choice but to get a firm grasp on the basics of email and collaboration security and manage their human risks.

This post was written by Senior Analyst Madeleine van der Hout and was originally published in here.