Seven Threat Types Identified
The DirectDefense team identified top seven threat types for 2022, including custom alerts created by DirectDefense based on its clients’ unique needs and program support:Low Phishing Alerts Surprising
DirectDefense was "surprised" by the low number of client alerts related to phishing expeditions. This infrequency could be the result of tighter organizational email security protocols or simply fewer phishing attempts overall due to previous year’s events where threat actors scraped email addresses and personal information from social networking sites and took other approaches, such as brute force attacks. Of note, on the 7% of phishing attempt alerts, 859 were positive phishing attempts and three of those escalated to an incident response engagement.Commenting on the survey results, Jim Broome, DirectDefense president and chief technology officer, said:“The number of hours spent investigating alerts, many of which require no action, can stop productivity in its tracks. Not to mention how alert fatigue often results in simply not investigating alerts, thereby potentially missing a very real threat — and the opportunity to respond quickly. Even when companies elect to handle certain alerts in-house, the benefit of having 100% of alerts immediately investigated by an MSSP removes a significant strain on organizational resources.”