Filed Under:Agent Broker, Coverage Issues

5 key takeaways from NTT Security's 2017 Global Threat Intelligence Report

Everyone has a role to play in your organization's cybersecurity. What's yours?

When it comes to cybercriminals, everyone should have a strategy to protect sensitive information and ensure services. (Photo: Shutterstock)
When it comes to cybercriminals, everyone should have a strategy to protect sensitive information and ensure services. (Photo: Shutterstock)

In today's environment, everyone has a role to play in your organization's cybersecurity. 

As cybercriminals continuously modify their attacks, everyone must bolster their defenses. NTT Security's 2017 Global Threat Intelligence Report (GTIR) sets to arm such individuals with a long-term strategy: After analyzing over 6.2 billion attacks, the report identifies the top threats and activities individuals and organizations should be prepared to face. 

Related: Identity theft exposure: Protecting employees in and out of the cubicle

Security should be considered a basic business requirement — otherwise, it's a business problem. Ensuring services and protecting sensitive information cannot be achieved without a security strategy. While most cybersecurity reports are meant for security professionals, NTT Security's report wants everyone at the table to discuss how they can help in keeping your data safe.

Find out what actions management, technical staff and users can take to improve security. 

Security strategy session

A culmination of technology, processes and people working together is essential in developing tight cybersecurity. (Photo: Shutterstock)

Security is much more than technology.

When your roof is leaking, NTT Security says, catching the water in a bucket will only work for a short period of time. Long-term solutions are required to prevent further erosion.

The same principles apply to cybersecurity. Security is much more than technology. It is a culmination of technology, processes and people working together. 

Related: No business is totally safe from cyber attacks

Throwing more technology at a security problem is much like getting a bigger bucket for that leaky roof: it won't get the job done. With threats evolving so quickly, most organizations can't keep up with the costs of an upgrade — while many are insufficiently prepared to start. For organizations reliant on older security provisions, training people and establishing procedures can mitigate a potential breach.

Related: 5 best practices to avoid a costly data breach


Users cannot be expected to prevent attacks by themselves; technology companies should work to inform individuals beyond preventing attacks. (Photo: Shutterstock)

Users need more help.

Once-a-year security awareness training sessions will not be effective at stopping attacks.

Users need help from technologies which prevent attacks from reaching them. Leaving it all in users' hands is unfair and unrealistic. The same technologies that prevent attacks must reach out to and inform users; security support which helps users differentiate the malicious from the benign is one way to empower employees. Not only will they be able to carry out their jobs more effectively, sensitive data gets an extra level of protection. 

Related: 5 trends and factors that continue to impact cybersecurity in 2017

Across the globe

NTT Security boasts more than 10,000 security clients on six continents. (Photo: Shutterstock)

Attacks are popping up in specific applications and industries. Know them. 

NTT Security's visibility encompasses 40% of the world's internet traffic. A majority of their findings report a focus of attacks on users, with a smaller portion aimed at the technology preventing the attacks.  

The three technologies found on end-user computers targeted most throughout the year were Adobe Flash Player, Microsoft Internet Explorer and Microsoft Silverlight. Along with Microsoft Internet Explorer, nearly 30% of attacks detected worldwide targeted Adobe Flash Player and Microsoft Silverlight. 

Seventy-seven percent of all detected ransomware was in four industries: business and professional services (28%), government (19%), health care (15%) and retail (15%). The finance industry was the only industry to appear in the "top three most attack industries" in all six geographic regions analyzed. 

Related: 3 wise cybersecurity solutions for 2017

Hacking on Mac

Cyberattacks related to phishing, ransomware and malware are up significantly, according to NTT Security. (Photo: Shutterstock)

Certain cyberattacks are happening in high percentages.

Globally, 32% of organizations had a formal incident response plan. This is up from an average of 23% in previous years. This boost allowed NTT Security to analyze more responses, and here's what they found: 

  • Over 60% of incident response engagements were related to phishing attacks
  • Incident engagements related to ransomware were the single most common (22%)
  • 50% of all incidents in healthcare organizations were related to ransomware incidents
  • 59% of all incident response engagements were in four industries - healthcare (17%), finance (16%), business and professional services (14%) and retail (12%)
  • 56% of all incidents in finance organizations were related to malware. 

Related: Insurer compliance and N.Y.'s new cybersecurity regulations 

Global numbers

NTT Security's report provides a percentage breakdown of cybercriminal behavior. (Photo: Shutterstock)  

The important percentages to remember.

Top attack source countries

  • United States - 63%
  • United Kingdom - 4%
  • China - 3%
  • Other - 30%

Top targeted sectors

  • Government - 14%
  • Finance - 14%
  • Manufacturing - 13%
  • Other - 59%

Top attack categories:

  • Website application attack - 16%
  • Service specific - 8%
  • Application specific - 6%
  • Denial of service (DoS)/Distributed denial of service DDoS) - 6%
  • Other - 64%

Percentage of organizations having an incident response plan: 32%

Related: Cyber crime: How architects, engineers and contractors may be at risk

Featured Video

Most Recent Videos

Video Library ››

Top Story

6 behaviors that could spawn a sexual harassment lawsuit

Sexual harassment scandals loom large among the events that shaped 2017.

Top Story

2017's 10 most hazardous toys

The Boston-based nonprofit World Against Toys Causing Harm, Inc. (W.A.T.C.H.) has released its annual list of the 10 worst toys of 2017.

More Resources


eNewsletter Sign Up

Agent & Broker Insider eNewsletter

Proven success tips and essential information to help agents and brokers grow their practice – FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.