Digital forensics incident responders worry most about ransomware, but risks associated with remote work are also top of mind. Credit: Getty Images The rise of ransomware attacks that occurred after the global pandemic in March 2020 remains a problem. However, ransomware is not the only threat. According to a new report from IDC and Magnet Forensics, the significant lack of cybersecurity skills gap and a plethora of other cyber risks are growing concerns. State of Enterprise DFIR highlights the impact of hybrid work and the growth of data volume on digital forensics incident response (DFIR) teams. It also provides an overall assessment of the global state of DFIR across industries, with the three most prominent being financial services, healthcare, and technology.Workplace scenarios are now parameter-less, involving BYOD, mobile devices, and cloud infrastructure. This hybrid work environment provides threat actors with a significantly larger attack surface. Similarly, BYOD devices such as laptops and mobile devices are often unsecured, posing a significant risk of data breaches and insider threats. For example,38% of respondents working in the financial industry considered insider threats as the top challenge. According to Magnet Forensics CEO Adam Belsher, “The best strategy to address the threat of insiders combines preventative and reactive measures. A robust data loss prevention program could detect potential data breaches and exfiltration, which can then be investigated using digital forensic tools that deploy remote agents.” Increase in DFIR resources needed and expectedThe report surveyed nearly 500 DFIR professionals and provides a deeper look at the rising cyber threats and the conditions of DFIR within various organization sectors. Findings include: 59% of the respondents expect significant investment in DFIR.Nearly half of the respondents identified cloud forensics requiring significant additional resources.Ransomware remains a rising problem, with one in four respondents identifying it as the most frequently encountered threat.Nearly a third cited growing data volumes as to the most challenging aspect of their job.Monetary damages from ransomware prevail; 5% of respondents revealed they paid over $1 million.Endpoint threats the number one riskSome of the most common security threats that the respondents identified are:Malware and ransomware infected endpoints (40%)Loss of record containing personally identifiable information (14%)Lost or stolen endpoints (13%)According to the respondents, the same security threats will most likely prevail within the next two years. The respondents identified some of the following security threats as significant: 29% highlight malware and ransomware infected endpoints.10% are concerned over business email compromise attacks.10% consider internal fraud as a significant concern.9% worry over the loss of substantial intellectual property.Ransomware remains one of the top security concerns, probably because these attacks continue to become more sophisticated. Another challenge for Digital Forensics is the skills shortage, said 32% of the respondents. “The cybersecurity skills gap is one of the most difficult challenges today in our industry,” says Belsher, “particularly because it’s occurring when we’re seeing concurrent record increases in cybercrime.” Related content brandpost Sponsored by Microsoft Security Building an AI strategy for the modern SOC Transforming SOC teams with the power of AI—identify the highest risk areas, cybersecurity maturity, existing architecture and tools, and budgetary constraints…just to name a few. By Microsoft Security May 23, 2024 5 mins Security news Tracking manual attacks may deliver zero-day previews According to analysis from LexisNexis, human-based digital fraud attacks are increasing more quickly than bot-based attacks — a difference CISOs should leverage for their defenses. By Evan Schuman May 23, 2024 4 mins Cyberattacks Fraud Cybercrime news analysis Microsoft amps up focus on Windows 11 security to address evolving cyberthreats In addition to its Copilot+ secure-cored PC, the company announced enterprise security enhancements, admin privilege changes, and the deprecation of legacy authentication protocols. By Lynn Greiner May 23, 2024 7 mins Windows Security news LockBit no longer world’s No. 1 ransomware gang After dominating for eight months, LockBit has been overtaken by ransomware gang Play in the wake of a law enforcement crackdown and unmasking of LockBit’s alleged creator. By Viktor Eriksson May 23, 2024 2 mins Ransomware Cybercrime PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe