Back to top

The indispensable source for professionals who create, implement and service technology solutions for entrepreneurs to enterprise.

In the Zone

Research Roundup: Get the latest on DDoS, ransomware and privacy

Peter Krass's picture

by Peter Krass on 06/03/2022
Blog Category: advanced-technologies

The big RSA Conference for cybersecurity professionals kicks off next week in San Francisco. But as the latest IT research shows, the need for robust security is year-round.

Here’s your tech provider’s research roundup.


For sure, Distributed Denial of Service attacks are bad. But how bad exactly?

To find out, Corero Network Security, a cybersecurity supplier, polled its customers during the full year 2021 and the first quarter of this year. Here’s some of what the company reveals in its recently published DDoS Threat Intelligence Report:

> Corero’s service-provider and hosting customers reported an average of 11 DDoS attacks a day. Compared with a year ago, that’s almost 30% more.

> Over 80% of the DDoS attacks were quick, lasting under 10 minutes. That means an attack can do damage before it’s even noticed.

> With new DDoS attack vectors inevitable, even the FBI is struggling to keep up. The FBI announced 4 new vectors in July 2020, but Corero determined that the vectors had already been active in the wild for at least 12 months.

> An organization that gets attacked once  is significantly likely to be attacked again, and soon. Corero puts that likelihood at 29%. In other words, if your organization suffers a DDoS attack, it has a nearly 1 in 3 chance of being attacked again within 7 days.


Think ransomware is under control? Think again. In the last year, the number of ransomware breaches worldwide increased 13%, more than in the previous 5 years combined, according to the latest data breach investigations report from Verizon.

Who’s behind this crime wave? Organized crime. Verizon finds that 4 out of 5 ransomware attacks can be attributed to organized crime.

The conventional wisdom says most cyberattacks are due to an organization’s own employees clicking on phishing emails. But that’s no longer true.

Instead, more than 6 in 10 system intrusions came via partners, Verizon finds. For criminals, compromising a partner turns out to be what the report calls a “force multiplier.”


Protecting customer data while also complying with the growing number and reach of privacy regulation isn’t easy. Research firm Gartner predicts that by the end of 2024, privacy laws will cover the personal data of three-quarters of the world’s population.

To help organizations through this change, Gartner recently identified 5 privacy trends that business and technology leaders will likely encounter in the next 2 years:

> Trend 1 - Data Localization: New privacy laws seek to control the country where data resides. For any organization with a business strategy that involves multiple countries and regions, compliance could be complicated.

> Trend 2 - Privacy-Enhancing Computation (PEC) Techniques: By protecting data in use (as opposed to data at rest), PEC enables organizations to implement data processing and analytics that would otherwise be blocked by privacy concerns. Gartner predicts that by 2025, PEC techniques will be used by 6 in 10 large organizations.

> Trend 3 - AI Governance: Artificial intelligence is surprisingly risky; Gartner finds that 4 in 10 large organizations have had an AI privacy breach. That will likely lead to far more AI regulation. However, because most AI is built into larger solutions, compliance could be challenging.

> Trend 4 - Centralized Privacy User Experience: Consumers are demanding subject rights and transparency, and smart organizations will respond by creating centralized privacy UX. Gartner expects that by 2023, 3 in 10 consumer-facing organizations will offer self-service transparency portal for managing preferences and content.

> Trend 5 - Remote Becomes ‘Hybrid Everything’: Organizations should resist the urge to monitor and collect data on remote and hybrid workers. Instead, Gartner recommends taking an approach that’s more human-centric. Among other things, that means monitoring an employee only when it could help them.


Back to top