Organizations commit more resources, criminals seek more sophisticated breaches
Sofistic’s 2023 cybersecurity trends report shows the anonymized data and conclusions of the threats and current situation of companies during 2022 obtained through our security audits and the results of SOC monitoring, based on the analysis of more than 1,250 vulnerabilities, 100,000 alerts and 1,500 incidents in sectors such as banking and finance, industry, services and critical infrastructure in Latin America and Europe (mainly in countries such as Colombia, Spain and Panama).
Infrastructure security audits
In 2022, the number of companies conducting security audits increased, demonstrating the growing interest in learning about and addressing existing vulnerabilities.
Pentest in Cloud and Microsoft 365 environments
The massive migration to the cloud during the pandemic and the information stored in this environment has brought with it an increased need to adequately protect it.
Blockchain infrastructure audits
The increasing use of blockchain technology is linked to new types of threats, and companies are becoming increasingly aware of this.
Vulnerabilities with critical severity
28% of the vulnerabilities detected in 2022 are high severity or critical facing, which poses a great risk if cybercriminals detect them before the company performs the pentest.
The opened links in the phishing simulators
Social engineering audits and training in companies have reduced the number of open links in phishing email audits by 40%, although there are still 10% who enter credentials in the attack.
Incidents are related to ransomware
Data exfiltration attempts using ransomware account for about 70% of the incidents investigated by the SOC team.