Ok, we get it, 2020 was a hot mess. This will be remembered as the year of failed sourdough starters, daytime versus nighttime pajamas, laundry room conference calls, and Zoom Happy Hours everyone pretended to like. Although many people are finally used to their working from home routine, I have to admit, it’s hard imagining what the long winter ahead will look like.
Frankly, there is a lot to be worried about. In the cybersecurity industry alone, we saw a 500% increase in cyberattacks after the pandemic began, with seven times more ransomware and new attack vectors.
So as the nights get darker and the days get more gray, I wanted to battle off the dread with a little metaphorical sunshine. Here are three security statistics that gave me a boost of hope in the darkest of times.
Vulnerability Submissions are Up 50%
The new threat landscape is leading to a business boom for locksmiths, not just for burglars. Bugcrowd received 50% more submissions in the last 12 months than the year prior.
While government lockdowns and quarantine periods meant more time spent at home, this led to an increase in time spent on the Bugcrowd platform, causing higher activity and more results. In the midst of so many forgotten “quarantine resolutions,” I’m happy to see at least some people made the most of the extra time.
65% Increase in Most Critical Vulnerability Submissions
Another bit of good news – hackers are finding more bugs with greater accuracy. In the last 12 months, we’ve seen a 65% increase in P1 submissions, the most critical vulnerabilities, and overall submission quality improved as the validity of vulnerabilities increased by 4%.
On the other side, payouts in this category are also increasing. We saw a 31% increase from Q1 to Q2 in payouts for P1 vulnerabilities.
79% of organizations felt at least moderately prepared
A recent report asked organizations how prepared they were for the shift to remote work, from a security perspective. It could definitely be higher, but 79% isn’t a bad start, especially considering the expanded security concerns in remote-first working environments.
There has been a spike in the black market values of home office exploits in equipment such as printers or routers. The positive impact of this has been hardware manufacturers responding by investing in testing and revisiting their crowdsourced security programs.
The New Decade in Crowdsourced Security
As crummy as this year has been, it’s nice to know that companies are still prioritizing security, investing more in the use of the Crowd to identify vulnerabilities and get ahead of the bad guys.
Here at Bugcrowd, we’re excited to be launching a new report on December 2 that dives into these statistics and plenty more. If you’re interested in learning more about how COVID-19 impacted the industry and the implications for the next decade of crowdsourced security, keep your eyes peeled for our upcoming report, Priority One: The New Decade in Crowdsourced Security.