Attack Sophistication Varies Depending on Company Size and Vertical

New cybersecurity report exposes how compromises impact organizations differently depending on size and industry

MIAMI – September 15, 2022 – Attackers view smaller organizations as having fewer security protocols in place, therefore requiring less effort to compromise. Lumu, creators of the Continuous Compromise Assessment cybersecurity model that empowers organizations to measure compromise in real time, has found that compromise is significantly different for small businesses than for medium-sized and large enterprises. Today, the company released its 2022 Compromise Flashcard, which looks back on compromise over the last year and tells the story of how different attacks impact organizations globally. 

“There is no silver bullet for organizations to protect themselves from compromise, but there are critical steps to take to understand your potential exposure and make sure that your cybersecurity protocols are aligned accordingly,” says Ricardo Villadiego, Founder and CEO of Lumu. “Year after year, we see that compromise stays undetected for long periods of time  – 201 days on average with compromise detection and containment taking approximately 271 days. It’s critical for smaller businesses to know they are more susceptible and to get ahead of the curve with safeguards.” 

Results from the Lumu Ransomware Assessment show a few reasons why attacks continue to stay undetected for such long periods of time:

  • 58% of organizations aren’t monitoring roaming devices, which is concerning with a workforce that has embraced remote working
  • 72% of organizations either don’t or only partially monitor the use of network resources and traffic, which is problematic given that most compromises tend to originate from within the network
  • Crypto-mining doesn’t appear to be a concern for the majority of organizations as 76% either do not know or only partially know how to identify it; however, this is a commonly used technique for cybercriminals to break into networks, as this type of threat is often dismissed by security teams. 

Additionally, threat data across Lumu’s 3,500 customer base unveils attack techniques used and how they vary based on the size of the organization. 

Lumu’s data shows that cybercriminals use different techniques to compromise different organization sizes. For small businesses, 60% of incidents start with a malware attack. Malware with basic Command and Control (C&C) contact capabilities seems to be enough to bypass the deployed protection controls of small businesses, which are usually less sophisticated than those of medium and large organizations. Data shows that adversaries employ Malware with  more complex techniques like Domain Generated Algorithms (DGA) to get through medium and large organizations. This type of technique allows adversaries to dynamically identify a destination domain for command and control traffic rather than relying on a list of static IP addresses or domains, making it increasingly difficult for security teams to identify and contain. 

KnowBe4 also contributed to the report, highlighting that risks associated with phishing depend on the size and vertical of the company. Data from KnowBe4 indicates that small and medium-sized healthcare and education organizations are most at risk for phishing. For large businesses insurance, consulting and energy & utilities are the most at-risk verticals. 

To view the full findings of the 2022 Compromise Flashcard, please download/view here.


About Lumu

Headquartered in Miami, Florida, Lumu is a cybersecurity company focused on helping enterprise organizations illuminate threats and isolate confirmed instances of compromise. Applying principles of Continuous Compromise Assessment™, Lumu has built a powerful closed-loop, self-learning solution that helps security teams accelerate compromise detection, gain real-time visibility across their infrastructure, and close the breach detection gap from months to minutes. Learn more about how Lumu illuminates network blind spots at

Press Contact

Ciara DiVita
[email protected]

Share this post

Latest Public Reports