Dr. Jörg Steinger has been appointed at Zürcher Kantonalbank ZKB to succeed Walter Seif, who has been Head of Internal Audit since 2015 and will leave the bank on June 30, 2023. To ensure an orderly transition, Dr. Jörg Steinger will join the bank as the new Head of Audit as early as April 1, 2023, according to ZKB.

For strong corporate governance

"We are very pleased to have been able to recruit Dr. Jörg Steinger for this responsible role. He is a recognized expert in the field of internal audit and a proven leader who also has broad experience in various banks," said Dr. Jörg Müller-Ganz, Chairman of the Bank Council of Zürcher Kantonalbank. "As part of a multi-stage selection process, the Bank Council carefully evaluated internal and external candidates. Dr. Jörg Steinger brings with him all the prerequisites to continue the strong corporate governance of Zürcher Kantonalbank and to tackle future challenges. His extensive experience in the financial industry and in the area of digitalization will stand him in good stead."

From Vontobel to ZKB

Dr. Jörg Steinger looks back on more than 30 years in internal auditing. He has been Head of Internal Audit at Vontobel since 2013. Prior to that, he spent around 15 years at Luzerner Kantonalbank, first as Head of Internal Audit and then as Head of Risk & Process Management. From 1994 to 1999, he worked in Internal Audit at Schweizerische Kreditanstalt and Credit Suisse Group respectively. He received his doctorate from the University of St. Gallen on digitalization in internal auditing and holds a degree as a Swiss Certified Public Accountant. Dr. Jörg Steinger is a Swiss citizen.

Reporting to the Bank Council as Head of Audit

With over 50 specialists, Audit is responsible for the internal auditing of Zürcher Kantonalbank. It supports the Bank Council in fulfilling its statutory supervisory and control duties and performs the monitoring tasks assigned to it by the Bank Council. In particular, the Audit independently and objectively assesses the appropriateness and effectiveness of the internal control and risk management processes and contributes to their improvement. Audit reports to the Presidium of the Bank Council.

Source: Zurich Cantonal Bank

The annual IT procurement conference was organized by the Institute Public Sector Transformation of the Bern University of Applied Sciences (BFH) and the Institute of Business Informatics of the University of Bern, in cooperation with the Digital Transformation and ICT Steering Division (DTI) of the Federal Chancellery, the Federal Office for Buildings and Logistics (BBL), Digital Administration Switzerland (DVS) and the associations swissICT and CH Open. The event was aimed at procurers, consultants, lawyers and specialists working in the field of public procurement.

Targeted promotion of sustainability with new criteria in public procurement law

Public procurement of information and communication technology (ICT) goods is complex. Procurers of ICT equipment must constantly weigh up the legal minimum social and ecological requirements, rising expectations of the products and the cost pressure of the client. In the process, applicable standards are rarely monitored, and sustainability has not played a significant role in the balancing act until now. This could now change.

New opportunities through revision of public procurement law

With the current revision of the Federal Law on Public Procurement (BöB), procurers can not only define additional sustainability requirements as exclusion criteria, but also reward innovation and a better life cycle assessment as part of determining the most advantageous offer. In addition, compliance with minimum standards in particular can be better verified. How these criteria are actually used in tenders and how
The discussion among invited experts focused on the actual extent of the impact in practice.

Some insights from the IT procurement conference

Dr. Peter Pawlicki of Electronic Watch, a representative of a monitoring organization, notes "a great demand for industry-independent monitoring of contractual obligations to comply with human rights and labor standards". Another promising approach is the use of digital solutions that support the procurement process end-to-end and thus have great potential to support not only effectiveness and efficiency in purchasing, but also the enforcement and assurance of compliance with legal requirements.

How can the new law be implemented in such a way that real change becomes tangible? Both the WTO panel and the specialist session on sustainable procurement revealed that cooperation between the public procuring entity and the trade associations is essential.
of the IT industry can decisively advance the issue of sustainability in the IT sector. This is vividly illustrated by the example of the negotiations between the Ministry of the Interior and the IT industry association BITKOM in Germany.

Further information

The International Symposium on Non-Destructive Testing in Civil Engineering, the NDT-CE Conference, is held every three years at selected locations worldwide. This year, SVTI had the privilege of hosting and organizing the event on August 16-18, 2022. The conference with over 160 presentations, poster sessions, panel discussions, pre-conference workshops aimed to contribute to the continuous development of structural diagnostics. The international audience was provided with a platform for exchange on the current state of NDT technologies and perspectives for future initiatives. 

An excerpt from the conference program presents itself as follows:

• Building diagnostics with non-destructive testing methods such as ultrasound and radar
• Artificial intelligence for data analysis
• Digital building models
• Case studies on structural damage and diagnostic possibilities

A highlight of the event was the Start-up Innovation Special, which showcased the high level of innovation and entrepreneurship in the field of non-destructive testing in construction.

The constellation of professors, scientists, doctoral students and engineers meeting equipment manufacturers and product managers as well as architects and planners at the NDT-CE Conference in 2022 confirmed that sustainable construction must go hand in hand with modern quality assurance tools and data-based asset management. Reliable technologies for diagnosing and evaluating the building structure are also crucial, particularly in the case of existing buildings.

More information about the event

The new book "Controlling Canvas" from Haufe-Verlag, which has just been published, offers support in setting up and implementing goal- and result-oriented controlling. Founders and executives learn everything about the new methodology and the (graphical) structure of the controlling model canvas and get to know the different application possibilities by means of five case studies. Based on the business model of the specific company, the book provides an easy-to-understand guide that does not require any special prior knowledge of controlling.

From the general benefits of controlling to the identification of relevant success factors, the book leads to the controlling canvas and helps to determine the necessary controlling for the specific company. Hints for the introduction and implementation of controlling help with the practical work. The author Klaus Schopka has many years of practical experience with leading tasks in the controlling and service area of international IT companies with interfaces to group companies, specialist departments, development, IT operations and suppliers on a national and international level. Today he is an independent consultant based in Unterföhring/Munich. He heads the project controlling working group of the International Controller Association, is a member of the Munich regional management of the German Association for Project Management and of the IT controlling and project management specialist groups of the German Informatics Society. He is also a juror at the Munich Business Plan Competition and active as a technical author, lecturer and speaker.

Controlling Canvas. Guide for new business models, start-ups and entrepreneurs
By Klaus Schopka
First edition, 2022, 240 pages, softcover
Haufe Publishing House
ISBN 978-3-648-16572-0
ISBN 978-3-6481-6574-4 (ePDF)
ISBN 978-3-6481-6573-7 (ePUB)

https://shop.haufe.de/toptitel-fachbuch

For 2021, the manufacturer of cybersecurity solutions could see little light and a lot of shadow. There were new negative records in almost all branches of cybercrime. These poor prospects are joined by a new front: unprotected digital identities, which virtually invite criminal activities by hackers due to the careless behavior of consumers.

Windows system remain major targets for cybercriminals

Of the many threats that targeted Windows systems last year, five major categories remained unchanged: Exploits, Trojans, Ransomware, Coin Miners, and Potentially Unwanted Applications (PUAs). PUAs in particular seem to be popular in attacks on Windows systems. They account for one-third of all threats directed at Windows systems. On Macs, there is slightly less variation in terms of malware. On macOS, Trojans were analyzed, potentially unwanted applications (PUA), adware and coin miners. The vanishingly small proportion of ransomware, at a full one percent, creates a false picture. It disguises the fact that many solutions recognize a Trojan as the prelude to a larger attack right at the beginning. Trojans are the gateway to prepare the way for subsequent payloads: Such as ransomware, hijacking resources for cryptominer, or even more advanced malware.

Ransomware: USA is the most important target for attackers

Solar Winds, Colonial Pipeline, Kaseya, and Brenntag are just a few of the big names that have been involved in high-profile ransomware attacks. The extortionists favored industries with high-profile companies and large critical infrastructures - key characteristics that indicate a victim is likely to pay the ransom. The U.S. led the way with 33 % of the attacks, followed by Germany with a notable 12 %. The extortionists focused their activities primarily on countries they believed would be profitable.

IoT devices still a problem

The world of networked smart devices also continues to pose major challenges for IT security. The risk of using them for DDoS attacks is particularly high. Neither the mobile device industry nor the IoT ecosystem have significantly improved their security posture. This means that many of the problems from the past are still present: The operating systems of many devices have numerous security vulnerabilities, are difficult to update. Passwords are still preset and don't need to be force reset. Apparently, IoT security is still not a priority for vendors. A trend seems to prevail: Popular usually means secure. This means that widely used devices from well-known manufacturers are on average more secure than niche products from small manufacturers.

Unprotected digital identities challenge criminal activity

Digital activity has reached an all-time high during the pandemic, with careless consumer behavior further darkening the global cyberthreat landscape. According to Bitdefender Digital Identity Protection telemetry, only 21 % of users have a digital identity with a low level of secrecy. At this level, only one to five pieces of data are exposed online. 62 % of users are apparently not worried about their data being disclosed. More than ten pieces of data about themselves are publicly available. Even though 17 % of users have a medium position with five to ten data items available online, the global average of exposed data items is 26 unique personal data items.

Regardless of the concerns users express about privacy in the digital age, they are dropping their guard and willingly sharing personally identifiable information online. Bitdefender Digital Identity Protection's analysis of telemetry data also shows that URLs (26 %), job titles (21 %) and physical addresses (20%) are among the most vulnerable types of personal data. These records are supplemented by a variety of additional personal information, including usernames, educational background, full names and email addresses, and date of birth.

Android security still needs improvement

With a market share of 70 %, Android dominates the mobile world, exposing it to more risks than iOS, which is second with 27 %. Official Android stores remain a major infection vector, despite their supposed inherent security. Combined with the fragmentation of the operating system, one of the platform's biggest problems, it is easy to understand why Android is plagued by so many threats on a daily basis and why criminals invest time and effort into developing new threats.

A good example is the TeaBot and FluBot campaigns, which have a global reach and use very different methods for organic distribution. For example, TeaBot was spread via fake apps, sometimes even hosted in official stores. The attackers went even further and bought ad slots in legitimate, widely used Android apps that referenced malicious Trojans. For example, it was observed that a QR code reading app hosted on Google Play Store spread 17 different TeaBot variants in a short period of time. Although Google removed numerous malicious apps from its official store several times, the damage had already been done. Samsung's official Galaxy Store was also used to spread malware in the form of Showbox clone apps.

Increased on the road: cryptominer

Resource hijacking by coin miners is becoming increasingly important. Hackers use numerous infection vectors, such as exposed information, potentially unwanted applications, or even warez downloads. Regions that give the hackers rich prey in the form of sufficient computing power are main distribution areas. These include the U.S. with 26 %, APAC with 10 %, and Eastern and Central Europe with 8 %. The EU countries Italy, Denmark, France, Romania, Germany, Spain and the UK account for 34 %.

2022 will be different? Perhaps in certain areas

A look back at the year 2021 shows: The threat landscape is and remains diverse. The spectrum ranges from annoying spam to dangerous malware and digital identity theft. Cybercriminals are extremely creative and constantly on the lookout for new methods to make money with hacks. Computational power, personal identities, and ransomware have been drivers of many attacks. The 2022 Annual Review is sure to provide new insights in this regard. Because the war in Ukraine creates new occasions for spam, as well as phishing. And new motives.

Source: Bitdefender

With the new three-point internal quick probe, measurements can be taken in bores within a short time and at different positions. The probe has three titanium-coated measuring surfaces arranged at a 120° angle to each other. The measurement is performed by lifting the measuring surfaces by means of a lever.

Analog and digital dial gauges can be connected

The three-point internal quick-action probe is equipped with a preset spring element that guarantees a defined measuring force. In addition, the probe has a receptacle to which commercially available analog and digital dial gauges or fine pointers can be connected (8mm/H7). By coupling the probe with a high-quality analog or digital fine pointer, a measurement with an error of ±2 µm is possible. Inductive probes can also be used for measurements, which transmit their measurement result to a display module by radio or cable.

Versatile accessories for the quick probe

As an accessory for the three-point internal quick probe, Feinmess offers interchangeable measuring heads in numerous sizes. Bore diameters from 6 to 12 mm are measured with three measuring heads, each covering a measuring range of 2 mm (6 to 8 mm, 8 to 10 mm and 10 to 12 mm). For bores with 12 to 20 mm inside diameter, two measuring heads with a measuring range of 4 mm each are available (12 to 16 mm and 16 to 20 mm). Bores with an inside diameter of 20 to 50 mm are covered by four measuring heads with a measuring range of 5 mm or 10 mm each (20 to 25 mm, 25 to 30 mm, 30 to 40 mm and 40 to 50 mm). On request, Feinmess adapts the measuring surfaces of the three-point internal quick probe to the respective measuring task at the factory.

Further information under www.feinmess-suhl.de

As a European financial services provider, Helvetia wants to contribute to the sustainable development of the economy and society. As part of its Sustainability Strategy 20.25, the insurance group is pursuing the ambition of being "committed and there when it matters" in the area of sustainability, in line with its corporate purpose, as it says. To this end, the insurer says it is focusing on four areas that are relevant to its stakeholders and the industry: its own business operations, customers and products, investments, and culture and governance. Helvetia lists the CO2 neutrality of its own operations since 2017, the signing of the UN Principles for Responsible Investment in 2020 and the adoption of a responsible investment strategy in 2021 as milestones already achieved.

Improved sustainability rating

These efforts are now being rewarded: The recent rating upgrade to "A" (previously "BBB") by the independent rating agency MSCI shows that the various measures implemented in the area of sustainability over the past few years are being seen as very positive. "Helvetia has thus achieved the target of an "A" ESG rating by MSCI set as part of its Sustainability Strategy 20.25 and will continue to work vigorously on sustainability aspects and drive improvements," the company writes in a statement. According to MSCI's rating system (see picture), the company's "A" rating places it in the upper midfield. 

Kaspar Hartmann appointed Chief Corporate Sustainability Officer of Helvetia

Philipp Gmür, Group CEO of Helvetia, emphasizes: "Sustainability is a key success factor for our company. With our business model, we promote economic, social and ecological action and thereby deliver sustainable financial performance." The insurance company is therefore also strengthening its sustainability activities at an organizational level: Kaspar Hartmann is to become Helvetia's Chief Sustainability Officer. In this newly created function, he will implement and further develop the Group-wide sustainability strategy with even more clout. Kaspar Hartmann (46 years old) has worked for the company for 17 years in various management functions in Switzerland and abroad. Most recently, he very successfully managed the non-life business of Helvetia Austria.

Source and further information

Inkasso Suisse is the association of Swiss debt collection companies. Its members are committed to impeccable and professional debt collection. According to the association, more than 5 million debt collection cases with a volume of over 13 billion Swiss francs are processed on an ongoing basis. The members of the association thus provide a significant benefit to the Swiss economy, according to the statement.

With its Code of Conduct (CoC), Inkasso Suisse strengthens the protection of creditors' interests and protects consumers from abuse. Due to the high economic importance of debt collection companies in securing the liquidity of companies, compliance with the CoC is mandatory. Inkasso Suisse thus provides its members with clear guidelines on the principles to be observed in the practice of the profession.

Inkasso Suisse now enables all members to have their application of the CoC certified by the independent certification body of Swiss Safety Center AG. The certification body checks with the member whether the requirements of the CoC are fulfilled. The audited company undergoes a certification procedure in which the operational processes, documents, sales documents, etc. are checked for compliance with the CoC. It is checked whether the CoC is anchored in the company and is lived by the employees.

According to its own presentation, the association is setting new standards with this certification. Through certification, every member can proactively prove that the behavioral instructions specified in the CoC have been fulfilled. The certificate gives clients additional assurance that collection practices comply with ethical principles. 

Source and further information: inkassosuisse.ch

Cybercriminal gangs launch ransomware attacks to encrypt sensitive data from companies and extort a large ransom. Sometimes hackers even use a method called double extortion. They threaten the company to sell the stolen data online if the ransom is not paid. Meanwhile, cyberattacks with extortionist intentions are among the most dangerous threats to businesses. A look at various statistics shows how large the dimensions of this criminal scam are, as can be read at the security service provider Atlas VPN. 

1. hackers captured over 30 terabytes of sensitive data in 2022

Ransomware attacks have become increasingly efficient and devastating in their methods. Hackers stole more than 30 terabytes (TB) of personal and other sensitive data in 320 incidents in 2022, for example. The total number of ransomware attacks could be even higher. Many companies lack transparency in reporting incidents involving ransomware. In one prominent example, the largest semiconductor chip company, Nvidia, was hit by one of the largest ransomware attacks in the first half of 2022. Hackers from the group "Lapsus$" claimed to have stolen 1 TB of exfiltrated corporate data and demanded a ransom of $1 million. (Source)

2. ransomware volume doubles in 2021 and exceeds 600 million

If a company does not have its data secured in a cloud, it usually runs into big trouble in the event of an incident. Affected businesses either have to pay a hefty ransom or lose their data forever. Research has shown that global ransomware volume will increase by 105 % in 2021. (Source)

The total number of ransomware attacks is nearly 20 attempts per second in 2021. The U.S. is significantly more affected than any other country, with 421.5 million ransomware attacks (see below). Cybercriminals launched 34.2 million ransomware attacks in Germany and 33.5 million in the UK. No data is available on Switzerland. However, a study by British security provider Sophos shows that 60 percent of Swiss companies have fallen victim to a ransomware attack in 2021. And a Listing of the trade magazine inside-it.ch provides an insight into a few impressive cases and shows that SMEs are also affected.

3. over 70 % of organizations have been affected by two or more ransomware attacks in the last 12 months

Once the hackers know that the company has vulnerabilities they can exploit, they target it multiple times. According to a 2022 report from data security services provider Veeam, 73 % of organizations were affected by two or more ransomware attacks in the last 12 months. The majority - 44 % of incidents - occurred via phishing emails, links and websites.

One of the reasons ransomware is so successful is that companies keep paying ransom. A whopping 76 % of companies affected by ransomware in the last twelve months (January 2022 survey) paid the ransom. Yet nearly one in four companies (24 %) were unable to recover their data afterwards. (Source)

4. companies in Japan and the Netherlands paid the highest ransoms

Companies in Japan paid an average of nearly $4.3 million in the largest ransomware attacks in 2021. In addition, companies in the Netherlands paid an average of $2 million in ransom to cybercriminals (Source). In a survey of 5,600 IT professionals at mid-sized companies (100-5,000 employees) in 31 countries, 79 % of companies in the media, leisure and entertainment industry were affected by ransomware attacks in 2021. Retail is the second most common target of ransomware, with 77 % of businesses reporting having suffered an incident.

5. nearly half of global attacks target the U.S. in 2021

Ransomware can become a powerful weapon in the hands of cybercriminals that can cause financial and reputational damage to an organization. In 2021, 1,352 (48 % of all incidents) ransomware attacks targeted the United States. 146 attacks targeted French companies. In addition, companies in the industrial and energy, retail, and financial sectors were among the most threatened sectors. The industry and energy sector was affected by 599 ransomware incidents globally in 2021, while threat actors targeted retail companies in 545 attacks. (Source)

Billions of people come into contact with Bühler Group technologies every day to meet their basic needs for food and mobility. Some 65 percent of the wheat harvested worldwide is processed into flour on the mills of the Swiss company. Founded in 1860, the family-owned company with around 12,800 employees is today a globally active hidden champion - especially in the field of digitalization.

Central platform for 135 countries

In the private sphere, e-commerce is a daily companion. This trend is also becoming more and more apparent in industry. The goal of the Bühler technology company was to offer customers optimum service for their individually manufactured machines - a service that they are also familiar with in their private lives. In other words, a central platform for all customers who want to obtain information, place an order, or make a complaint. What sounds simple is a mammoth task for a company like the Buhler Group, which operates in 135 countries around the world. Huge volumes of data, different systems, non-transparent processes: These were the basics.

Bühler Group relies on German service provider

The Bühler Group has entrusted the Radolfzell-based company Sybit GmbH with the development of the new platform. According to its own information, this long-standing SAP consulting company offers holistic process consulting from analysis and strategy planning, through design and implementation, to comprehensive application management services based on SAP Customer Experience Solutions. And it works fast: Because six months later, the first basic store was up and running, which grew into the full-blown portal myBühler with currently 13,000 users in 135 countries. There, customers have direct and uncomplicated access to information and documents about machines, parts, and the status of quotations and orders. "Behind the customer portal lies an enormous amount of data, but the system copes very well with the different ways in which it is presented," explains Markus Keh, project manager at Sybit GmbH. Based on SAP Commerce Cloud, Sybit implemented the Product Cube: a product information system that enables the management of structured as well as unstructured product data. This means that multimedia content can be easily added to the product data. Due to the high performance, even large amounts of data can be imported quickly.

Global Incident Management as a further step

"We are more than satisfied with the decision in favor of Sybit as our consulting and implementation partner. Thanks to the trusting cooperation and the step-by-step, flexible implementation, the realization of the product cube project was a complete success," sums up Nataly Hüeblin,Senior Information System Engineer at Bühler AG. 

Users can also order services and spare parts via the customer portal. Based on the SAP Service Cloud, Bühler also built a Global Incident Management system that creates a global standard for processing incoming customer incidents and service requests. Service-related customer communication now takes place in one central location - regardless of whether the customer contacted us by e-mail or via the portal, or whether the ticket was created manually.

Source and further information: Sybit GmbH

In the course of the discussions surrounding the electricity shortage and the energy turnaround, nuclear power plants are experiencing something of a renaissance: they are capable of supplying very large amounts of electricity, and doing so without emitting CO2. That's why the EU recently classified them as "sustainable." Proponents of nuclear power could now get another argument, and this from the USA - which is rather favorable to nuclear power plants anyway: artificial intelligence for reducing the high operating costs of nuclear power plants.

Nuclear power plants: maintenance and safety generate high costs

Nuclear power plants may not pollute the air, but they have other disadvantages: they produce radioactive waste, the disposal of which is highly problematic. And nuclear power plants are expensive to operate: The biggest cost factor in operating a nuclear power plant is the constant monitoring and maintenance - the older the plant, the higher the expense. Not only since Chernobyl have we known what can happen if safety systems are not operated properly. Could intelligent, computer-controlled systems now not only make nuclear power plants safer, but also increase their economic efficiency? Scientists at the U.S. Department of Energy's (DOE) Argonne National Laboratory are working accordingly on systems that could use artificial intelligence to make nuclear power more competitive. "Operation and maintenance costs are of great concern for nuclear power plants because they currently require a large number of on-site staff and extensive maintenance," Roberto Ponciroli, a senior nuclear engineer at Argonne, told the web portal Techexplore.com. "We believe autonomous operation can help improve their profitability and also encourage the adoption of advanced reactor designs." The Argonne National Laboratory research project aims to develop a computer architecture that could detect problems early and recommend appropriate actions to human operators. Ponciroli and his colleagues estimate that this technology could save the nuclear industry more than $500 million a year.

AI takes over monitoring and helps with decision making

Already today, the various system components of a nuclear power plant - valves, pumps, heat exchangers, etc. - are monitored by sensors. However, like other components, these sensors can be damaged. For this reason, they must be continuously checked by employees. This is done, for example, by regular inspections of the plant. The researchers' idea: What if algorithms could now check the data by learning how a normal sensor works? Then they could look for anomalies, i.e. AI would interpret the signals from the sensors and recommend specific measures. Ponciroli gives an example: "Suppose an indicator on your car's dashboard alerts you to a tire that is underinflated. You know you don't have to stop immediately, but you might decide to slow down a little to avoid a blowout until you can fill the tire with air." We see the information (low air pressure), evaluate it (stop or continue?), and take action (continue, but at a lower speed). AI can now mimic this logic. In a nuclear power plant, computers could thus detect problems and alert operators as early as possible to optimize control and avoid more expensive repairs. At the same time, computers could prevent unnecessary plant maintenance.

Optimize existing systems

Researchers at Argonne National Laboratory have now developed such a computer simulation, or a digital twin of a nuclear reactor. They have succeeded in completing systems to control and diagnose its virtual parts. The rest of the project will focus on the system's decision-making capability - what it does with diagnostic data. The goal of the research should be a system architecture that links multiple algorithms. An existing analysis tool for modern reactors will be used, and engineers will adapt it accordingly. It should be flexible enough to be used for existing reactors as well.

Sources: SwissCognitive; Techexplore.com

Multi-cloud services provider VMware has released its eighth annual Global Incident Response Threat Report. This provides deep insight into the challenges security teams face in times of pandemics, burnout and geopolitically motivated cyberattacks. Sixty-five percent of security professionals say cyberattacks have increased since Russia's invasion of Ukraine, the report finds. The report also sheds light on new threats such as deepfake, attacks on APIs and cybercriminals targeting incident responders.

Bypass security controls with Deepfake

"Cybercriminals are now incorporating deepfakes into their attack methods to bypass security controls," said Gerd Pflüger, systems engineer for network and security virtualization at VMware. "Two-thirds of respondents to our report experienced malicious deepfakes being used as part of an attack. This represents a 13 percent increase over last year, with email being the most common transmission method. Cybercriminals are no longer just using synthetic video and audio for influence or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environments."

Stress as a problem with security teams

In addition to the new risks, the report also points to other issues facing enterprise security teams:

• Burnouts among cyber professionals remain a critical problem. Forty-seven percent of incident responders said they had suffered from burnout or extreme stress in the past 12 months. There is only a slight decrease here from last year's 51 percent. Of this group, 69 percent (down from 65 percent in 2021) of respondents have considered leaving their job because of it. However, companies are working to counteract this: more than two-thirds of respondents said their workplaces have implemented wellness programs to combat burnout.
• Ransomware actors rely on cyber extortion strategies. The prevalence of ransomware attacks, often supported by the collaboration of cybercrime groups on the dark web, is still unchallenged. Fifty-seven percent of respondents have faced such attacks in the past 12 months. And two out of three respondents have encountered affiliate programs and/or partnerships between ransomware groups, as prominent cyber cartels continue to harm businesses through double coercion techniques, data auctions and extortion.
• APIs are the new endpoint and represent the next frontier for attackers. As workloads and applications proliferate, 23 percent of attacks are directed at API security. The top types of API attacks include data spying (42 percent of respondents in the past year), SQL and API injection attacks (37 percent and 34 percent, respectively), and distributed denial of service attacks (33 percent). 
• Lateral movements are the new battlefield. They were seen in 25 percent of all attacks, with cybercriminals using everything from script hosts (49 percent) and file stores (46 percent) to PowerShell (45 percent), business communications platforms (41 percent) and .NET (39 percent) to probe networks. An analysis of telemetry in VMware Contexa, a full-fidelity threat intelligence cloud integrated with VMware security products, found that in April and May 2022 alone, nearly half of the incursions contained a lateral movement event.

Successes in the fight against cybercrime

Despite the increasing threats detailed in the report, incident responders are demonstrating success, with 87 percent saying they are able to disrupt cybercriminals' activities sometimes (50 percent) or very often (37 percent). They are also using new techniques to do so. Three-quarters of respondents (75 percent) say they now use virtual patching as a contingency mechanism. In any case, the more overview defenders have of the ever-growing attack surface, the better equipped they are to weather the storm.

Source: VMWare