Trend Micro report: America tops global cyber risk index

Trend Micro has released its 2024 Cyber Risk Report, "Intercepting Impact," which offers insights derived from the company's global telemetry data. According to the report, America exhibited the highest risk index due to significant vulnerabilities in banking and critical infrastructure sectors. The Asia Pacific, Middle East, and Africa region ranked third in the risk index with an average score of 42.7. Europe demonstrated high patching efficiency with a Mean Time to Patch (MTTP) of 26 days for the first half of 2024, the shortest period among all regions.

Mick McCluney, ANZ Field CTO at Trend Micro, emphasised the importance of transitioning towards a risk-based approach to cybersecurity for better organisation-wide protection. "Trend's cyber risk report shares key insights on where risks are greatest within organisations such as weak security controls, misconfigurations, and unpatched actively exploited vulnerabilities. Shifting towards a more risk-based approach to cybersecurity—discovering the entire attack surface, using AI to calculate the actual risk, and providing mitigating controls advice—allows an organisation to improve its cybersecurity posture like never before. This is a game changer for the industry," McCluney stated.

The report used data from Trend Micro's Attack Surface Risk Management (ASRM) and eXtended Detection and Response (XDR) tools to calculate risk scores for various asset types. These scores were based on factors including the asset's attack surface, exposure, security configuration, and overall impact. Higher-value assets with more privileges inherently presented a larger attack surface and were deemed higher-risk.

The report found that devices are the most at-risk assets, with 22.6 million total devices identified, 877,316 of which are classified as high-risk. Accounts followed with 53.9 million total accounts, 12,346 of which are deemed high-risk. Cloud assets followed, with 14.5 million, including 9,944 high-risk assets. Internet-facing assets and applications were also noted, though in smaller quantities of high-risk items.

The mining sector emerged as the most vulnerable industry with the highest risk score, attributed to its critical role in global supply chains and a large attack surface. The pharmaceuticals industry, although deemed vulnerable, demonstrated high patching efficiency, indicative of its focus on protecting sensitive data.

One of the leading detected risk events involved accessing cloud applications with high-risk levels, based on historical application data, known security features, and community knowledge. Old and inactive accounts, as well as accounts with disabled security controls and the transmission of sensitive data outside networks, were also highlighted as significant risk events.

The findings underscored weak security configurations as a common vulnerability that could potentially lead to system compromises. Recommendations for mitigating these risks include optimising product security settings to receive alerts on misconfigurations, contacting device and account owners to verify risky events, investigating these events using Trend Vision One's Workbench search function, and disabling risky accounts or resetting them with strong passwords and multi-factor authentication (MFA). Regularly applying the latest patches or upgrading application and operating system versions was also advised.

The report was developed based on telemetry data collected from Trend Micro's ASRM solution and XDR tools from December 25, 2023, to June 30, 2024. This data illuminates the critical vulnerabilities and risk factors across various sectors, emphasising the need for organisations to enhance their risk management strategies continually.