Cybersecurity Private Equity

Cyber TRUST™ Index

-2.8%

Daily Change

+40.9%

Change from Jan 2023

Burnout, Deepfakes and Malware [Weekly Cybersecurity Brief]

In this blog, we often discuss matters surrounding evolving cyberthreats and the state of the cybersecurity workforce. With each week, these two topics become more and more entwined. As the attack surface widens, we realize the weaknesses that not only exist within our digital systems but exist within cybersecurity teams as well. In addition to the need for more diversity and training, we must also consider the growing presence of burnout among professionals. We dive into this issue and the factors driving it.

A new study released by VMware explored the subject of burnout among cybersecurity staff. It concluded that 47% of cybersecurity incident responders reported experiencing burnout or high levels of stress over the past year. Although this number is a slight decrease from the previous figure, it may be taking a more significant toll. The number of respondents that said burnout is causing them to consider leaving their jobs has increased. A leading solution to address this is to implement more flexible hours, which 72% ranked as a top priority. However, organizations will have to continue finding other solutions as the work becomes more complex.

A major contributor to cybersecurity overload is the sheer size of the threat landscape. It is constantly changing and maturing, making it very difficult to stay on top of. One trend playing a role in this issue is the growing use of lateral movement. Lateral movement is defined as, “the process by which attackers pivot from a compromised device to burrowing deeper into the corporate network,” according to Dark Reading. Another threat rising in popularity is deepfake activity. Researchers summarize that cybercriminals’ deployment of deepfakes has gone up by 13% over the past year. Through this method, bad actors can slyly make their way through security barriers.

Alongside such evolving threats, there is also the matter of lifespan to consider when thinking about exhausting cybersecurity elements. In a look back at prevalent malware strains throughout 2021, the Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre reported that the typical timeline for a malware strain is five years. They can last because they are often implanted and then updated and reused with greater sophistication. The agencies listed Agent Tesla, AZORult, FormBook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader among such leading malware strains. 

Key Takeaways:

“Your cybersecurity staff are burned out – and many have thought about quitting” – Danny Palmer, ZD Net

https://www.zdnet.com/education/professional-development/your-cybersecurity-staff-are-burned-out-and-many-of-them-have-thought-about-quitting/

  • A new study released by VMware concluded that 47% of cybersecurity incident responders reported experiencing burnout or high levels of stress over the past year.
  • The number of respondents that said burnout is causing them to consider leaving their jobs has increased.
  • A leading solution to address this is to implement more flexible hours, which 72% ranked as a top priority.

“Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War” – Nathan Eddy, Dark Reading

https://www.darkreading.com/risk/deepfakes-grow-sophistication-cyberattacks-rise-ukraine-war

  • A major contributor to cybersecurity overload is the sheer size of the threat landscape.
  • One mounting threat is the increasing use of lateral movement, which allows attackers to move deeper and deeper into a network.
  • The deployment of deepfakes to compromise organizations has also gone up by 13% over the past year.

“The 11 most-prevalent malware strains of 2021 fuel cybercrime” – Matt Kapko, Cybersecurity Dive

https://www.cybersecuritydive.com/news/top-malware-strains-CISA/628993/

  • In a look back at prevalent malware strains throughout 2021, the Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre reported that the typical timeline for a malware strain is five years.
  • They can last because they are often implanted and then updated and reused with greater sophistication.
  • The agencies listed Agent Tesla, AZORult, FormBook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader among such leading malware strains. 

Share