SophosLabs 2020 Threat Report

“Cybersecurity” is a term that encompasses a wide array of protective measures across several domains of specialized knowledge. In other words, security has a lot of parts. As security practitioners, it’s our mission not only to build the new tools needed to arrest threats effectively, but to help make sense of the wide-ranging nature of what constitutes security, in 2020 and beyond.

We have to make sense of the security environment as much for ourselves as for the customers or clients we serve. Better understanding drives better decision-making. Ultimately, this approach to security progresses us towards our goal of securing people and the information systems on which they depend.

Every year, criminals adapt to the best-defenses from operators and vendors in the industry. At the same time, defenders must protect systems and processes with new functionality (read: attack surface area) constantly being introduced, and with an ever-increasing global interdependency on these systems’ operation.

But you can’t defend against what you can’t understand. It isn’t always easy to visualize complex attack scenarios, especially given that the resultant cat-and-mouse game between attackers and defenders helps shape future threats. Our report this year reflects both the broader range of the security domains we now observe and defend, and the wider reach of adversaries into new territory.

As cybersecurity practitioners—whether our role is in operations, research, development, management, support, strategy, or some other function—every day presents us with opportunities to better understand and explain the nature of cyberattacks. Such an understanding demands precision; Explaining it in a way that’s approachable by the widest possible audience demands accessibility. The best security can do both: Protect and educate, defend and inform.