zurĂĽck

15. Jul 2024 | Press Releases

CANCOM Cyber Security Report 2024: Ransomware and supply chain attacks intensify

CANCOM Security Report
  • Report shows top 3 trends in cybersecurity threats
  • Ransomware-as-a-Service and supply chain attacks identified as growing threats
  • Security experts provide assessments of protection strategies and show how companies can protect themselves

The spread of ransomware-as-a-service (RaaS) models and the sharp increase in supply chain attacks in the past year have led to an increased number and sophistication of cyberattacks, according to CANCOM’s Cyber Security Report. In the report, IT security experts emphasize the urgency of improved protective measures and explain specific strategies for combating these threats.

Looking to the future, Jochen Borenich, CEO of CANCOM, sees cybersecurity as crucial to business success, referring to the Allianz Risk Barometer 2024: “Alongside the issue of energy security, critical cyber incidents such as IT outages, ransomware attacks and data breaches are classified as the biggest threats to companies’ ability to do business. Is corporate IT security reaching its limits? No, if the right solutions are deployed in the right places at the right time,” says Borenich.

Top 3 trends in cybersecurity 2023

The report identifies three main trends dominating the cybersecurity landscape in 2023 and provides detailed measures that companies can take to effectively protect themselves against these threats:

1. Ransomware: The threat of ransomware has continued to intensify and represents a serious global security crisis. Attacks are becoming increasingly sophisticated, exploiting new vulnerabilities and phishing campaigns. In the report, CANCOM recommends comprehensive measures such as user awareness training, the least privilege model, network segmentation and endpoint security to protect companies from these attacks.
2. Supply chain attacks: Attackers use vulnerabilities in the supply chain to gain access to companies. The exploitation of zero-day vulnerabilities and the spread of advanced malware have led to an increased number of successful supply chain attacks. The report emphasizes the importance of supplier security policies, continuous audits and proactive threat intelligence to prevent these attacks and ensure supply chain security.
3. OT security: Critical infrastructures and industrial process control systems are increasingly the target of attacks. CANCOM relies on continuous monitoring, network segmentation and virtual patching to ensure the integrity and security of these systems.

How companies can protect themselves with the PURPLE strategy

The CANCOM Cyber Security Report 2024 offers comprehensive insights into the symbiotic PURPLE strategy. It combines the strengths of the RED team, which specializes in offensive security audits and vulnerability assessments, with those of the BLUE team, which is responsible for continuous monitoring and incident response. This PURPLE strategy includes:

Proactive attack defense: the RED team conducts penetration testing and vulnerability analysis to uncover security gaps before they can be exploited by cybercriminals.
Continuous monitoring and response: The BLUE team monitors systems around the clock, responds to incidents and conducts threat hunting to quickly identify and neutralize active threats.
Knowledge sharing and collaboration: The continuous sharing of insights between the two teams enables dynamic adaptation and improvement of security strategies, better protecting organizations against new and evolving threats.
End-to-end security approach: By integrating preventive, detective and reactive measures, the PURPLE strategy provides a holistic security solution that covers all aspects of cybersecurity.

About CANCOM

As a leading Digital Business Provider, CANCOM leads companies, organizations and the public sector into the digital future. The range of services and solutions includes classic system house IT solutions as well as data-based digital solutions, managed services and cloud services. We accompany the digital evolution of our customers with passion and technology and support them in reducing the complexity of their IT and developing new business models. We offer a holistic portfolio for all IT and business requirements.

The CANCOM Group’s offering comprises innovative solutions in the areas of Artificial Intelligence, Security & Network, Datacenter & Cloud, IoT Solutions and Modern Workplace and includes services for the entire IT lifecycle – from the provision of IT infrastructures, planning and integration, to support, managed services and XaaS. Customers benefit from the extensive expertise with which their diverse requirements are translated into concrete industry-specific IT solutions to significantly promote their business success.

The more than 5,600 employees of the internationally active CANCOM Group with around 80 locations in the DACH region, Belgium, Slovakia, Romania and the Czech Republic as well as an efficient partner network ensure market presence and customer proximity. The CANCOM Group is managed by RĂĽdiger Rath (CEO), Jochen Borenich (CSO) and Thomas Stark (CFO). The company is headquartered in Munich. CANCOM generated annual revenue of around 1.5 billion euros in 2023. The Group parent company CANCOM SE is listed on the Frankfurt Stock Exchange in the TecDAX and SDAX (ISIN DE0005419105).