top of page

X-Analytics Software Update: August 28, 2024

To ensure the X-Analytics Application remains current and produces reliable outcomes, the X-Analytics Research Team aggregates and analyzes historical and cyber risk intelligence data to calibrate backend variables within X-Analytics.

This update includes:

Industry Threat Baselines: -1.0% change since last update

The industry threat baselines decreased by an average of 1.0% since the last update.

Crimeware (including ransomware), Everything Else (including unknown and unclassified events), and Denial of Service Attacks are still the top three threat categories (in order of most likely to least likely).

The decrease in threat activity is mostly related to a decrease in human error events and physical theft and loss events.

Despite the overall decrease in threat activity, Real Estate Rental and Leasing (53), Construction (23), and Utilities (22) experienced the largest increase in threat activity.

The decrease in threat activity will cause a decrease in cyber exposure for most customers.

Data Breach Probability Baseline: +15.8% change since last update

Data breach probability baseline increased by an average of 15.8% since the last update.

This increase is mainly due an increase in data breach size. The average size of data breach is between 200k and 300k records.

Interestingly, most data breaches are related to unknown or undisclosed vectors.

The increase in data breach probability will cause an increase in data breach cyber exposure for most customers.

Business Interruption (DoS) Probability Baseline: -3.9% change since last update

Business interruption (DoS) probability baseline decreased by an average of 3.9% since the last update.

Even though there was an overall decrease in the DoS probability baseline, there was a 34% increase in 30-minute DoS attacks. The increase in short duration attacks is partly due to attackers using short duration attacks as feelers, to make detection harder, to attack with efficiency, and to test the target organization’s response capability. 

The decrease in business interruption (DoS) probability will cause a decrease in business interruption (DoS) cyber exposure for most customers.

Business Interruption (Other) Probability Baseline: +10.1% change since last update

Business interruption (Other) probability baseline increased by an average of 10.1% since the last update.

The increase in probability is partially related to the Crowdstrike outage, Microsoft outages, and other DPI-related (digital public infrastructure) outages.

In simple terms, human error is the most concerning cause of IT outages.

The increase in business interruption (other) probability will cause an increase in business interruption (other) expected loss for most customers.

Ransomware Probability Baseline: +4.6% change since last update

Ransomware baseline probability has increased by an average of 4.6% since the last update.

This increase in probability is partially due to an increase in the LockBit and Ransomhub activity and targeted attacks within the government, education, and healthcare industry verticals.

The increase in ransomware probability will cause an increase in ransomware expected loss for most customers.

Ransomware Extortion: +4.6% change since last update

Ransomware extortion (median impact) has increased by 7.2% since the last update.

This increase in extortion is partially due to lone wolf “unaffiliated” extortion attacks.

The increase in ransomware extortion will cause an increase in ransomware expected loss for most customers.

Misappropriation Probability Baseline: +0.5% change since last update

Misappropriation baseline probability has increased by an average of 0.5% since the last update.

The increase in misappropriation probability will cause an increase in misappropriation cyber exposure for most customers.


If you have questions, please contact your X-Analytics Customer Success team member.

Comments


bottom of page