Trend Micro Incorporated, a global cybersecurity leader, revealed a continued annual decline in its Cyber Risk Index (CRI) score, the figure stood at an average of 38.4 for the year, down by 6.2 points from 2023. The data shows a clear trend that organizations leveraging proactive security approaches are seeing measurable risk reduction.

Cyber Technology Insights: Styx Intelligence Raises $2.7 Million to Boost AI Risk Protection

Rachel Jin, chief enterprise platform officer at Trend Micro: “Trend customers are embracing our vision for proactive security by using the AI-powered Trend Vision OneTM  Cyber Risk Exposure Management to identify risk and prioritize mitigations. By getting on the front foot, they can build resilience, rapidly contain threats, and become more time and resource-efficient. It’s an approach that any organization can emulate with the right mindset and tooling.”

The CRI score declined each month throughout the year, from 42.5 in February to 36.3 in December. While organizations remain in the Medium Risk zone, the continued decline in CRI scores reflects real progress in cyber risk reduction. It highlights a growing shift toward continuous security assessment and risk-based decision-making.

Among the highlights from this year’s report are:

Most risky events: Risky cloud app access came top, followed by “stale Microsoft Entra ID account.” Rounding out the top 10 were email, user account and credential-related risks; many of them misconfiguration-related. Over one billion organizations were logged with multi-factor authentication disabled on Entra ID Accounts, highlighting a clear need for enhanced, automated identity security.

Average Mean Time to Patch (MTTP): The top detected and unpatched CVEs from 2024 were “high severity” Elevation of Privilege (EoP) vulnerabilities published in the first half of the year. Europe (23.5 days) and Japan (27.5 days) recorded the fastest MTTP of any region, while non-profits (19 days) and the technology sector (22 days) were the fastest verticals. Healthcare (41.5 days) and telecoms (38 days) were slowest. Trend offers virtual patches to protect customers on average three months before official vendor updates.

Cyber Technology Insights: Ransomware Attacks Up 132 Percent Despite 35 Percent Payment Drop

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com

Source – Prnewswire