Over the past several years, there has been a rapid emergence of companies, projects, and initiatives in what is broadly categorized as Web3. While monitoring that rapid innovation, the OODA research team has noticed a disproportionately high number of cybersecurity incidents that have the potential to negatively impact the Web3 innovation ecosystem, disrupt customer adoption of these technologies, and result in consumer and enterprise monetary losses.
OODA has compiled a Web3 incident database based on our research to categorize what compromises are taking place as well as document the cyberattack root causes. Tracking root causes provides insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks.
Also Read: Instead of the old one for Safer Internet Day
“We believe that Web3 technologies represent the future of innovation and will be highly disruptive to existing economic, technical, and cybersecurity models. However, with these great opportunities come cyber risks that must be appropriately managed to realize the full promise of these approaches”, noted OODA CEO Matt Devost. “By releasing this Web3 incident database, we hope to inform those risk models and provide useful constructs for managing cyber risk in the future.”
The Web3 incident database currently documents 155 incidents that have resulted in over $61 Billion Dollars in lost value (in today’s dollars) with the root causes of the most costly incidents being primarily insiders, contract flaws, intrusions, and social engineering.
Analysis of the data indicates the number of incidents attributed to a root cause does not correlate to the value lost in an incident. The largest number of incidents are intrusions by unauthorized adversaries, with 36% of the incidents being in this category. But this accounts for only 14% of the total loss. Only 9% of the incidents were attributed to insiders, but this accounts for 52% of the total value lost.
For more such updates follow us on Google News ITsecuritywire News