According to the latest Kaspersky Managed Detection and Response (MDR) analyst report, government and development industries experienced a significant decrease in the number of high-severity incidents with direct human involvement in 2024, whereas the food, IT, telecom and industrial sectors demonstrated an increase.
The annual Managed
Detection and Response (MDR) analyst report provides insights into detected
incidents, their nature and their distribution across various industries and
geographic regions. Additionally, it emphasizes the most common tactics,
techniques and tools used by attackers over the previous year. The data is
based on analysis of incidents detected by Kaspersky MDR.
Compared to 2023, the mass media, development and telecoms industries experienced a significant increase in the number of incidents. However, when examining high-severity incidents—those that feature direct human involvement—the distribution reveals notable differences. In 2024, the MDR team identified that the majority of high-severity incidents occurred in IT (23%), followed by the government (18%) and industrial sectors (18%).
The report highlights
a significant decrease in high-severity incidents within the government and
development sectors, while the number of such incidents in the food sector
increased. Additionally, a relatively large rise was observed in the industrial
sector, alongside a slight increase in retail, IT and telecoms. Interestingly,
despite the mass media sector facing a substantial increase in overall
incidents, this trend did not translate into a corresponding rise in
high-severity incidents. This observation shows that many attack attempts were
swiftly detected and mitigated, effectively preventing their severity from
escalating beyond medium levels.
”In 2024, we revealed
a shift in the landscape of cyber threats, with high-severity incidents
increasingly concentrated in the food sector, underscoring the necessity for
cybersecurity measures in this area. While the overall number of incidents
surged in sectors like telecom and mass media, the resilience demonstrated in
swiftly detecting and neutralizing potential threats highlights the importance
of proactive measures. As attackers refine their tactics, organizations must
adapt by investing in robust cybersecurity solutions that combine advanced
technologies with expert oversight,“ comments Sergey Soldatov, Head of Security
Operations Center at Kaspersky.
To strengthen your
company’s protection against sophisticated attacks, deploy robust cybersecurity
solutions and hire qualified practitioners to manage them or adopt managed
security services such as Managed Detection and Response and Incident Response. These security services
encompass the complete incident management cycle from threat identification to
continuous protection and remediation. They assist in safeguarding against
evasive cyberattacks, investigating incidents and offering expert support even
if a company lacks security workers.
The full Kaspersky
Managed Detection and Response analyst report for 2024 is available via
this link.
