Cyber Defense Ups Its Game

While concerns about the threats posed by hackers remain as high as ever, cyber defense has been achieving some major wins lately, too. In the recent 3CX supply chain compromise, for instance, the attack was caught in weeks rather than months, as had been the case with the SolarWinds supply chain breach.

Cyber defense teams and technologies deserve much credit for the big strides being made against threat actors, according to Mandiant’s M-Trends threat report for 2023 that was released Tuesday. “The defenders are definitely getting a lot better at defending their perimeter,” said Jurgen Kutscher, executive vice president of services at Mandiant, in an interview with CRN. While there’s a “huge spectrum of maturity” on cyber defense between some organizations and geographies, the general trend is heading in the right direction, Kutscher said.

[Related: Mandiant: 79 Percent Of Cybersecurity Decisions Ignore Threat Intelligence]

The analysis is the 14th annual M-Trends report from Mandiant, a well-known provider of incident response and threat intelligence services, which is now owned by Google Cloud. The report is based upon data produced by Mandiant investigations throughout 2022.

The report details how major cyber threats, such as ransomware and data theft, evolved last year, and reveals significant improvements in detection and response efforts. The findings also point to shifts in the initial intrusion methods favored by attackers — while highlighting the fact that even as cyber defense makes gains, threat actors continue to switch up their tactics.

What follows are five key takeaways from Mandiant’s 2023 M-Trends threat report.