2023 Active Adversary Report for Security Practitioners

Most active adversaries don’t deliberately target a particular organization. Instead, they scan and look for organizations with gaps in their security defenses and then go in for the kill. This year, we found that these cybercriminals target organizations outside of typical working hours and increased their hashtag#DwellTime to reduce defenders’ response windows.

As bad actors’ techniques evolve, cybersecurity teams need to increase friction wherever possible. Layered defenses, hashtag#MFA, and 24/7 protection keep attackers at bay.