To ensure the X-Analytics Application remains current and produces reliable outcomes, the X-Analytics Research Team aggregates and analyzes historical and cyber risk intelligence data to calibrate backend variables within X-Analytics.
This update includes:
Threat
Industry Threat Baselines: -5.9% change
The industry threat baselines decreased by an average of 5.9% since the last update.
Crimeware (including ransomware), Everything Else (including unknown and unclassified events), and Denial of Service Attacks are the top three threat categories (in order of most likely to least likely).
The decrease in threat activity is mostly related to a decrease in physical card skimming, human error, and physical theft and loss.
As a cautionary note, there is a chance that organizations underreported human error and physical theft and loss events last month. In such cases, we will supply a correction in future months.
Threat Conclusion: The decrease in threat activity will cause a decrease in cyber exposure for most customers.
Data Breach Probability
Data Breach Probability Baseline: -7.5% change
Data breach probability baseline decreased by an average of 7.5% since the last update.
This decrease is partially due a decrease in average data breach volume, which is causing a decrease in probabilities for data breaches greater than 100k records.
So far this year, the average size of data breach is slightly above 100k records.
Data Breach Conclusion: The decrease in data breach probability will cause a decrease in data breach cyber exposure for most customers.
Business Interruption
Business Interruption (DoS) Probability Baseline: +27.6% change
Business interruption (DoS) probability baseline increased by an average of 27.6% since the last update.
DDoS attacks less than 4-hour durations decreased by an average of 35.6%.
DDoS attacks between 4 hours and 12 hours increased by an average of 20.5%.
This increase is partially related to resetting the DDoS probability baseline for 2024. However, the effectiveness of DDoS mitigations is also on the rise.
Business Interruption (Other) Probability Baseline: -3.4% change
Business interruption (Other) probability baseline decreased by an average of 12.7% since the last update.
The decrease in probability is partially related a decrease in long duration business interruption incidents. The average decrease in probability is -3.2% for incidents less than 24 hours, while the average decrease in probability is -16.5%.
The decrease in probability may also be related to organizations underreporting short and long duration business interruption incidents.
Business Interruption Conclusion: The increase in business interruption (DoS) probability and the decrease in business interruption (Other) probability will cause a decrease in business interruption cyber exposure for most customers.
Ransomware
Ransomware Probability Baseline: +1.5% change
Ransomware baseline probability has increased by an average of 1.5% since the last update.
This increase in probability is partially due to an increase in the PowerShell-based attacks.
Ransomware Conclusion: The increase in ransomware probability will cause an increase in ransomware cyber exposure for most customers.
Misappropriation
Misappropriation Probability Baseline: +0.1% change
Misappropriation baseline probability has increased by an average of 0.1% since the last update.
The increase in probability is partially related to an increase in fund transfer fraud activity.
Misappropriation Conclusion: The increase in misappropriation baseline probability will cause an increase in misappropriation cyber exposure for most customers.
If you have questions, please submit a contact your X-Analytics Customer Success team member.
Comments