The Cyberattack Spectrum – Who Is More Vulnerable To What?

Cybersecurity is a buzzword in today’s business world. Every company knows it needs to invest in cybersecurity because the cyberattack landscape is increasingly full of attacks – from malware to cryptominers, from ransomware to DDoS attacks.

But there is no single one-size-fits-all cybersecurity solution that, when applied, eradicates the threat. And knowing the particular characteristics of the threat landscape that applies to your particular type of business can help you make smarter business decisions, and potentially save you money in applying your cybersecurity strategy.

New research from cybersecurity specialists Lumu Technologies suggests that companies may be using an expensive sledgehammer to crack a cybernut by investing in broad-spectrum protection, rather than focusing on the threats that are actually most likely to come their way.

The Impact of Malware

For instance, the generalized threat of “malware” – often used as a headline threat to explain the whole cybersecurity threat profile – is actually relatively miniscule in its threat level for mid-size and enterprise-level companies. The report from Lumu shows malware being a significant threat for those higher-level, larger-scale businesses in just 3% of cases.

Where malware really is the threat it’s known to be is within the SMB community. The Lumu report shows malware as a major threat a full 60% of the time, meaning many of the standard mitigation techniques and cybersecurity programs that focus on malware will be of significantly more value to the SMB sector than they will to the enterprise-level business world.

If malware is the largest single threat to the SMB community, it begs the question of what the most prolific threat for enterprise-level businesses could be. The answer, according to the Lumu report, is domain generation algorithms. Working as bridgeheads for command and control servers, and in potentially vast numbers during any given cyberattack, means they’re extremely difficult to entirely track down and either mitigate or eradicate, which is bad news for the enterprise community, as they show up as being effective in that arena an…