NTT Security has launched its 2019 Global Threat Intelligence Report (GTIR), which reveals finance as the most attacked sector in EMEA, accounting for 30% of all attacks – compared to 17% globally. It knocks business and professional services off the top spot, which was last year’s most attacked sector at 20%.   NTT Security summarises data from trillions of logs and billions of attacks for the 2019 GTIR, which analyses threat trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies. In the new report, NTT Security continues its analysis of attacks against 18 industry sectors and shares its observations of the challenges faced by organisations globally.   The GTIR also reveals that the finance sector is joined by business and professional services (24%), technology (17%) and manufacturing (9%) in the list of top four attacked industries in EMEA. Web application attacks are largely to blame, accounting for over 43% of hostile activity against these sectors, which is well above the global average of 32%.   The finance industry in EMEA experienced a sizeable increase in web attacks, almost doubling from 22% to 43% over the last year, reinforcing its vulnerability to cybersecurity attacks. Similarly, manufacturing experienced a massive surge in web attacks (rising from 9% to 42%), although the overall attack volume across EMEA decreased.   Kai Grunwitz, SVP NTT Security EMEA, says: “Finance is yet again on the top spot when it comes to targeted attacks, which surely is enough evidence to convince the board that cybersecurity is a must-have investment. Sadly, many financial organisations are moving forward with digital transformation but without security built-in. While legacy methods and tools are still quite effective at providing a solid foundation for mitigation, new attack methods are constantly being developed by malicious actors. Security leaders should ensure basic controls remain effective, but they must also embrace innovative solutions if they provide a good fit and true value.   “Some of the most prevalent activity in EMEA during the past year was related to web-application attacks – and it’s not surprising. These attacks most often rely on leveraging an exposed unpatched vulnerability or misconfigured system, targeting organisations with high volumes of sensitive data. The consequences could be devastating as it could be used for financial gain, industry superiority or corporate espionage. Our GTIR once again highlights the fact that critical vulnerabilities – both old and new – need to be patched as quickly as possible in client environments, especially given the convergence of IT with Operational Technology.”   Elsewhere in the GTIR, attacks from sources within China against all targets in EMEA dropped nearly 40% to 13% – following closely behind the United States at 16%. Although this does not imply the actual attacker has changed; rather the source of the attacks has changed. Interestingly, the top five attacked sectors in EMEA experienced more attacks from within EMEA than from any other region (75%). This supports the common notion that attackers tend to leverage attack sources near their targets, an observation which was demonstrated stronger in EMEA than other regions.