A pair of new reports from Risk Based Security find that disclosed software and hardware vulnerabilities continue to increase while reported data breaches in most parts of the world decline.
For IT administrators struggling to keep pace with the rapid changes in cybersecurity, the reports provide some useful insight into exactly what you’re up against.
The cybersecurity provider’s mid-year reports found that there were 12,723 disclosed vulnerabilities in the first half of 2021, a 2.8% increase compared to the same period last year despite pandemic-induced business disruptions.
Of those vulnerabilities, an alarming 2,274 are remotely exploitable. The majority of these (1,425) have a mitigating solution, but the remaining 849 do not.
“If organizational workflows are already strained from patching vulnerabilities that have known solutions, then adding these vulnerabilities into the mix makes it near impossible for security teams to fully judge risk and secure their assets,” the company’s vulnerability report says.
Meanwhile, data breaches in most parts of the world are declining, with 1,767 reported breaches over the first half of the year representing a 24% decline compared to the same period in 2020.
However, that decline in disclosures comes primarily from outside the U.S. Within the U.S., the number of reported breaches actually increased slightly, by 1.5%.
Nearly 19 billion records have been exposed this year, but that’s still a 32% dip from the 27.8 billion records exposed at this point last year.
However, the company cautions that this could simply be attributed to the pandemic’s impact on businesses.
“Information on Q2 2021 continues to develop as of the publication of this report,” the report says. “If the pace of disclosure continues at the current level, we anticipate Q2 2021 will equal or surpass the number of breaches reported in Q2 2020.”
The vast majority (1,201) of those breaches involved unauthorized access to systems. The healthcare industry remains the most targeted by cybercriminals, with the sector accounting for 238 data breaches over the first half of 2021.
The report also noted that retail data breaches are dropping off as ransomware gains in popularity and impacts the manufacturing sector, which has been more targeted than retail since the first half of 2020.
What you should take away from these reports
Patch management. Reported vulnerabilities are increasing, and there aren’t always fixes available. When fixes are available, you need to patch immediately to prevent the bad guys from exploiting them.
Shifts in threat landscape. Healthcare is unfortunately still the most targeted sector, but the growing popularity of ransomware as a moneymaker is changing the threat landscape and putting manufacturing and other industries in the crosshairs. Every business is now at risk.