Phishing remains active cybersecurity threat to businesses
IBM research found more than two in five of all cybersecurity incidents in 2022 involved phishing as the pathway to compromise, according to Construction Dive.
Three in five of all phishing attacks were conducted through attachments, according to IBM Security X-Force’s annual threat intelligence report released in February. Phishing via links accounted for one-third of all phishing attacks. One-quarter of attacks involved the exploitation of public-facing applications, and 16% abused valid accounts for access. Only one in 10 attacks involved external remote services.
The consistent prevalence of phishing attacks underscores the need for organizations to focus on people, process and technology, according to Stephanie Carruthers, global head of innovation delivery and chief people hacker at IBM Security X-Force Red. Phishing has enjoyed long-standing success as an initial access vector, and attackers are constantly innovating their approach to keep phishing alive and thriving, Carruthers says.
The latest phishing tactics should be shared with employees so they know what to look out for. Thread hijacking, which involves a threat actor hijacking an email account and responding to email threads pretending to be the original victim, doubled in 2022.
A majority of penetration tests IBM Security X-Force Red ran for clients in 2022 revealed improper authentication or handling of credentials. Many organizations lacked visibility into applications and endpoints exposed through identity access management services, the report found.
The report is based on research data IBM Security X-Force gathered in incident response engagements throughout 2022, in addition to vulnerability and exploit databases and network and endpoint tracking.
Construction technology funding held steady during 2022
A report from Monterrey, Mexico-based construction technology venture capital firm Cemex Ventures reveals the construction technology industry showed resilience during adverse economic conditions as investment during 2022 held steady at around $5.38 billion, according to Construction Dive. The funding was only slightly less than $5.4 billion in 2021.
More than 80% of investment in the market was in North America and Europe in 2022. Within those regions, the most active country was the U.S., where 97 startups have their headquarters and 42.5% of all construction technology investment dollars flowed. The next most active country, the U.K., had 20 startups and 8.8% of funding dollars.
Cemex Ventures predicts construction technology investment will continue to hold steady in 2023 with an expectation that economic issues will begin to abate and provide a path forward at the end of the year.
The report highlights four key areas of investment in the construction technology field that will continue to be important to the industry: enhanced productivity, future of construction, green construction and construction supply chain.
The report indicates North America and Europe will continue to dominate shares of the construction technology market. However, it also notes there is concentrated construction technology innovation in Latin America and the Asia Pacific area.
Be the first to comment. Please log in to leave a comment.