BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
The number of publicly disclosed information security issues will increase dramatically next year, says managing general agent Coalition Inc., in a report issued Wednesday.
The number of Common Vulnerabilities Exposures, which is a database of these incidents maintained by the National Cybersecurity Federally Funded Research and Development Center, can be expected to increase to more than 1,900 CVEs per month, including 270 that are considered “high-severity” and 155 that are considered “critical-severity,” according to the report.
This would be a 13% increase in average monthly critical incidents from 2022, the report, Cyber Threat Index 2022, says.
The report says email addresses and passwords consistently remain on the top of the list of information lost because of a data breach.
It says also Remote Desktop Protocol remains “by far” the most common remote-scanning protocol by attackers, and RDP scanning traffic is very high.
“This means attackers are still leveraging old protocols with new vulnerabilities like RDP to gain access to systems, which is why quickly patching these is of paramount importance,” the report says.
Coalition said it compiled its report based on critical information gathered from its underwriting and claims practice, as well as from internet scans of 5.2 billion internet protocol addresses.
The company said in a statement it recommends organizations and their security and IT teams prioritize applying software updates within 30 days of a patch’s release, and follow regular upgrade cycles to older software’s vulnerabilities in order to prepare for this year’s threats.
Coalition Inc., a managing general agent specializing in cyber risk, said Tuesday it has started conducting business in London, effective Sept. 1.