To ensure the X-Analytics Application remains current and produces reliable outcomes, the X-Analytics Research Team aggregates and analyzes historical and cyber risk intelligence data to calibrate backend variables within X-Analytics.
This update includes:
Threat
Industry Threat Baselines: -4.2% change
The industry threat baselines decreased by an average of 4.2% since the last update.
Most notable, Administrative and Support, and Waste Manager and Remediation Services (56), and Agriculture, Forestry, Fishing, and Hunting (11) have the largest increases in threat activity. Though, both industries only increased by a few percentage points.
However, Finance and Insurance (52), Healthcare and Social Assistance (62), and Professional, Scientific, and Technical Services (54) have the most significant threat activity.
Web Application Attacks, Crimeware (which includes ransomware), and Denial of Service Attacks, and are the top three threat categories (in order of most likely to least likely).
The decrease in threat activity is partially related to decreases in unauthorized access (via insider), failure to comply with compliance and data processing principles, and fraudulent fund transfers.
Threat Conclusion: The decrease in threat activity will cause a decrease in expected loss for most customers.
Data Breach Probability
Data Breach Probability Baseline: -10.1% change
Data breach probability baseline decreased by an average of 10.1% since the last update.
The average size of data breach is still holding between 100k and 200k records.
Data Breach Conclusion: The decrease in data breach probability will cause a decrease in expected loss for most customers.
Business Interruption
Business Interruption (DoS) Probability Baseline: -0.7% change
Business interruption (DoS) probability baseline decreased by an average of 0.7% since the last update.
The DoS baseline probability decreased by 2.9% for durations between 0.5 hours and 4 hours, decreased by 0.5% for durations between 5 hours and 12 hours, decreased by 0.3% for durations between 13 hours and 24 hours, and decreased by 0.6% for durations greater than 24 hours.
Business Interruption (Other) Probability Baseline: -14.4% change
Business interruption (Other) probability baseline decreased by an average of 14.4% since the last update.
Customers should expect to see changes in business interruption (other) probability throughout the year.
Business Interruption Conclusion: The decrease in business interruption (DoS) probability and the decrease in business interruption (Other) probability will cause a decrease in business interruption expected loss for most customers.
Ransomware
Ransomware Probability Baseline: +1.2% change
Ransomware baseline probability has increased by an average of 1.2% since the last update.
This increase is partly due to Lockbit and Medusa ransomware activity.
Ransomware Conclusion: The increase in ransomware probability will cause an increase in expected loss for most customers.
Misappropriation
Misappropriation Probability Baseline: -1.2% change
Misappropriation probability baseline has decreased by an average of 1.2% since the last update.
Misappropriation of Funds - % of Payments Related to Fraud: -14.5% change
Misappropriation of Funds (% of payments related to fraud) has decreased by 14.5% since the last update.
Misappropriation Conclusion: The decrease in misappropriation probability will cause a decrease in misappropriation expected loss for most customers, and the decrease in % of payments related to fraud will cause a further decrease in misappropriation of funds expected loss for most customers.
If you have questions, please submit a support request here.
Comments