Cybersecurity Briefing — January 29, 2020
ENISA published its 2019 Threat Landscape report highlighting top attack vectors like phishing, ransomware, and supply-chain compromises with recommendations for operators and policymakers.
Executive briefing: The EU Agency for Cybersecurity (ENISA) released the Threat Landscape 2019 report on , analyzing major attack techniques and incidents over the year. Phishing topped the list of threats, followed by ransomware, credential theft, and supply-chain compromises, with cloud and industrial targets noted as rising vectors.
Why it matters: The report benchmarks real-world trends and defensive gaps across sectors, providing a reference for updating enterprise risk assessments, tabletop exercises, and control roadmaps.
- Refresh risk register: Incorporate ENISA’s top threats into 2020 risk rankings and control owners.
- Exercise scenarios: Build phishing, ransomware, and supplier compromise scenarios into incident response drills.
- Strengthen supplier vetting: Apply software bill of materials and patch cadence expectations to third parties handling critical workloads.
- Measure detection: Validate phishing and ransomware detection pipelines with updated playbooks and user awareness training.