Kimaya Wentworth

Mar 25, 2020
Earlier this month, the CompTIA ISAO issued its 1,000th threat report, providing members with real-time intelligence and analysis that helps raise the cyber resilience of the whole IT industry. Considering October is Cybersecurity Awareness Month, the timing seems only appropriate.
The CompTIA ISAO issued its first threat report on August 19, 2020. Since then, we have seen a steady rise in the average daily number of threat reports published. We saw a peak this past July, with just under 11 threat reports per day. Given the cyberattack against Kaseya that took place over the July 4 holiday weekend, this makes sense. The next largest peak of activity took place in February 2021, which averaged just under nine threat reports per day. Most recently, September and October 2021 witnessed just over eight and six average threat reports per day, respectively.
All this confirms a known fact. Cyberattacks are increasing, but so is the sharing of critical cyber threat intelligence, the raw source data that informs our threat reports. This means that CompTIA ISAO members know more than ever about the evolving threat landscape and the threats that pose immediate risk to their businesses as well as those of their customers.
More Threats, but More Safety Measures Taken
Since the first report, we have averaged more than 71 threat reports each month (more than two per day). That may seem like too much information to ingest, but thanks to our team of cyber analysts and other contributors, these reports are intentionally designed to be easily consumed and acted upon. They contain actionable information to help you avoid, defeat, or recover from an attack.
We do this by first categorizing our threat reports into six buckets. Breaking New Reports are threat alerts that highlight active exploits, zero-day attacks or known vulnerabilities that present a high risk of successful attack. This is the most time-sensitive type of alert the CompTIA ISAO generates, as it contains specific information related to the threat and mitigation recommendations to address the threat. These are classified by severity (low, medium, and high) based on the potential impact to our members, and are also classified by Traffic Light Protocol (TLP), which governs the sharing of this information within your own organization, your customer or partner organizations or the broader constituent communities.