Sygnia Annual Field Report

From relentless adversaries to resilient businesses, the Sygnia Annual Field Report offers unique insights and strategic guidance to strengthen your cybersecurity defenses against the ever-evolving threat landscape.

Executive summary

The Sygnia annual field report is a compilation of unique insights derived from hundreds of projects spanning incident response, posture assessments, and simulated attacks carried out during 2023, with findings contributed by Sygnia’s Incident Response, Adversarial Tactics, Enterprise Security, Managed XDR, Engagement Managers and Legal teams. The report will be released as a series, with each installment highlighting a different perspective.  

Download the first report in the series: The Threat Landscape.

The series includes notable identified trends, strategic insights cultivated through client engagements, and the most prominent tactics, techniques, and procedures employed by various threat actors. It also includes key preventative strategies that have proven highly effective in combatting emerging threats, offering a comprehensive guide to fortify your cybersecurity defenses.

Key Findings

  1. The Threat Landscape:

Sygnia’s Incident Response teams identify impactful changes in ransomware strategies during the past year. Ransomware groups transitioned from encryption-oriented attacks to data exfiltration and extortion strategies, employing tactics that yield faster monetization and refining new ways to cripple organizations and pressure them into paying ransom demands. In addition, bypassing MFA has become a common tactic as a high percentage of organizations already enforce this best-practice policy, and identity and cloud-based breaches are on the rise with new techniques used to exploit and deliver severe blows to networks globally.

  2. The Attacker’s Perspective:

Sygnia’s Adversarial Tactics team shares last year’s key improvements and developments that affect threat actors’ operations and identifies the most common TTPs they have utilized within clients’ environments, noting a marked increase in the number of exploited systemic misconfigurations, and a need for innovative and effective mitigation strategies.

  3. The Defender’s Perspective – Preparedness:

Sygnia’s Enterprise Security team notes a return to basics in the cybercrime community, as evidenced by the simplicity of some of 2023’s major cyberattacks. The dual challenge of SEC compliance and CISO accountability is complicating matters for organizations as new regulations are already having an impact in major incidents. The rise of AI in cybersecurity may mark a turning point in attack strategies – a reduction in the time required to execute attacks, along with an increase in their targeted capabilities.

  4. The Defender’s Perspective – Detection:

Sygnia’s MXDR department notes the impact of major technological advancements, market dynamics, and user adoption in MXDR, which will have a profound impact on the 2024 landscape as trends combine with emerging technologies that will propel the XDR market forward.

  5. The Executive Perspective:

After conducting countless tabletop exercises in 2023, Sygnia’s Engagement Managers bring their collective intelligence of the most common challenges, alleys and items that are underestimated by customers globally. They also advise executives on how to build a security team, prioritize security budget and measure the effectiveness of a cybersecurity program.

Sygnia’s Legal team identifies the three most notable emerging major topics of 2023: the CISO’s expanding role and increased liability, the SEC’s new disclosure requirements and their implications on the regulatory landscape and global collaboration, and emerging trends in third-party-based attacks and their impact on risk management.

The annual Sygnia field report goes beyond theoretical recommendations, including practical approaches to achieving robust defense without additional technology investments. Learn how to leverage your existing security estate and assets effectively, ensuring a powerful defense against cyber threats.

Download this week’s report: The Threat Landscape.

This blog post and any information or recommendation contained herein has been prepared for general informational purposes and is not intended to be used as a substitute for professional consultation on facts and circumstances specific to any entity. While we have made attempts to ensure the information contained herein has been obtained from reliable sources and to perform rigorous analysis, this advisory is based on initial rapid study, and needs to be treated accordingly. Sygnia is not responsible for any errors or omissions, or for the results obtained from the use of this blog post. This blog post is provided on an as-is basis, and without warranties of any kind.
