Which cybersecurity attack is currently your highest priority (to defend against)?

People & LeadershipStrategy & Architecture

Ransomware and multifaceted extortion34%

Business email compromise42%

Third-party vendor compromise (supply chain)15%

Cloud security incidents5%

I have no idea1%

738 PARTICIPANTS
4.1k viewscircle icon2 Upvotescircle icon1 Comment
Sort by:
Group Director of Information Security in Bankinga year ago

Attacks are a symptom. Attack vectors are more important to identify. As an example; Your choices of Ransomware, Cloud security incidents or even 3rd party vendor compromise, the attack vectors is 'identity compromise'. Identity compromise can happen via insecure account credentials, loss of API keys and secrets, session cookies ,  tokens or inadequate use of OTPs. Now if I flip your question to read, 
"Which cyber security attack vector is your highest priority?" 
I would answer in below order of priority:

1. Credentials / identity loss of web facing applications ( missing SSO/PAM integration).
2. Patchable vulnerabilities exploitation of web facing applications and endpoint desktops. (Broken / insufficient patch management process)
3. Compromised credentials on admin endpoints (Inadequately configured EDR and missing least privilege access user account on privileged user endpoints, making them susceptible to phishing attacks).

Content you might like

Which cybersecurity metrics do you currently use with your board?

Read More Comments

We use Microsoft PowerBI extensively at the company. Over 15,000 reports.
For our "corporate" reports, like financials or HR, we centralize those requests and attend them with my team.
We currently "extract" information from multiple systems (ie. SAP, SuccessFactors, CRM, etc...) and put in into a SQL Analysis Services. For interpreting the data we have a Semantics model in PBI.
The problem I see is we can't scale enough to comply with the reporting demands as the semantic model is "unique" and we end up having only one or two developers that can work at a time. 
Anyone has an idea how to scale their PBI teams without having to redevelop the semantic model per report?

What are the biggest technical challenges preventing organizations from being able to use their existing data to enable digital transformation?

Finding data and putting it to good use13%

Controlling the security and privacy of data45%

Understanding how data is currently being used20%

All of the above19%

None of the above1%

View Results

How confident are you in letting AI agents take autonomous actions after a SIEM or XDR alert?
Are you using them today? If not, what’s holding you back?

Read More Comments

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results
Which cybersecurity attack is currently your highest priority (to defend against)? | Gartner Peer Community