Research + Tech

Phishing remains active cybersecurity threat to businesses

IBM research found more than two in five of all cybersecurity incidents in 2022 involved phishing as the pathway to compromise, according to Construction Dive.

Three in five of all phishing attacks were conducted through attachments, according to IBM Security X-Force’s annual threat intelligence report released in February. Phishing via links accounted for one-third of all phishing attacks. One-quarter of attacks involved the exploitation of public-facing applications, and 16% abused valid accounts for access. Only one in 10 attacks involved external remote services.

The consistent prevalence of phishing attacks underscores the need for organizations to focus on people, process and technology, according to Stephanie Carruthers, global head of innovation delivery and chief people hacker at IBM Security X-Force Red. Phishing has enjoyed long-standing success as an initial access vector, and attackers are constantly innovating their approach to keep phishing alive and thriving, Carruthers says.

The latest phishing tactics should be shared with employees so they know what to look out for. Thread hijacking, which involves a threat actor hijacking an email account and responding to email threads pretending to be the original victim, doubled in 2022.

A majority of penetration tests IBM Security X-Force Red ran for clients in 2022 revealed improper authentication or handling of credentials. Many organizations lacked visibility into applications and endpoints exposed through identity access management services, the report found.

The report is based on research data IBM Security X-Force gathered in incident response engagements throughout 2022, in addition to vulnerability and exploit databases and network and endpoint tracking.

Construction technology funding held steady during 2022

A report from Monterrey, Mexico-based construction technology venture capital firm Cemex Ventures reveals the construction technology industry showed resilience during adverse economic conditions as investment during 2022 held steady at around $5.38 billion, according to Construction Dive. The funding was only slightly less than $5.4 billion in 2021.

More than 80% of investment in the market was in North America and Europe in 2022. Within those regions, the most active country was the U.S., where 97 startups have their headquarters and 42.5% of all construction technology investment dollars flowed. The next most active country, the U.K., had 20 startups and 8.8% of funding dollars.

Cemex Ventures predicts construction technology investment will continue to hold steady in 2023 with an expectation that economic issues will begin to abate and provide a path forward at the end of the year.

The report highlights four key areas of investment in the construction technology field that will continue to be important to the industry: enhanced productivity, future of construction, green construction and construction supply chain.

• Enhanced productivity: Digital solutions aimed at increased efficiency in construction by improving stakeholder collaboration, communication and coordination. Examples include subsurface mapping and data-driven construction improvements for time and speed. This area represented 53% of construction technology’s total investment in 2022, more than any other category.
• Future of construction: Programs such as artificial intelligence, advanced building materials, industrialized construction methodologies, robotics and machine-assisted applications such as 3D printing robots, BIM and autonomous equipment. This area received 20.6% of funding in 2022.
• Green construction: Processes, products and services that Cemex Ventures predicts will be in demand to offset the negative effects construction has on the environment. Firms in this category received 14.9% of 2022 construction technology funding.
• Construction supply chain: Construction supply chain solutions also will see growth, but it will be slowed because this is one of the most difficult operational areas to solve, according to the report. The segment received 11.4% of funding dollars in 2022.

The report indicates North America and Europe will continue to dominate shares of the construction technology market. However, it also notes there is concentrated construction technology innovation in Latin America and the Asia Pacific area.

WEB
EXCLUSIVE

• Web exclusive: Click below for more information.
• IBM Security X-Force’s report