The annual Managed Detection and Response (MDR) Analyst Report provides information about the reported incidents, their nature, and their distribution by industry and geographic region. It also highlights the most common tactics, techniques and tools attackers used in the past year. These results are based on analysis of MDR incidents detected by the Kaspersky Security Operations Center (SOC).
According to the report, 22.9% of all detected high-severity incidents were recorded in the government sector. IT companies came second (15.4%), closely followed by financial and industrial companies that reported 14.9% and 11.8% of incidents respectively.
Regarding the nature of these incidents, nearly 25% of them were driven by humans. Just over 20% involved various types of ‘cyber exercises’, which had been previously classified by Kaspersky as targeted attacks, but designated as ‘cyber exercises’ upon explicit confirmation by the customer.
The 2023 MDR’s report, also found that the proportion of incidents involving the detection of targeted attack artefacts, publicly available critical vulnerabilities and the use of social engineering was around 4-5%.
To enhance protection against advanced attacks, companies are advised to implement effective cybersecurity solutions and hire qualified practitioners to manage them or adopt managed security services such as Managed Detection and Response (MDR) and Incident Response. These products cover the entire incident management cycle from threat identification to continuous protection and remediation. These services will help protect against evasive cyberattacks, investigate incidents and provide additional expertise even if a company lacks security workers.
The full Kaspersky Managed Detection and Response Analyst Report 2023 is available via this link.