The Thursday edition of ‘Too Long; Did Read’ focuses on Fortinet’s Global Threat Landscape Report for the first half of 2022. In my experience, 7-8 weeks to go from data collection to a published report is a relatively tight deadline, but it means this data is still timely. I applaud Fortinet for making this report available without having to register, which is a rarity. The failure of this report is the use of the term, “prevalence”. I suspect most readers have never seen this term used in its data science context and no effort is made to clarify what it means. My suggestion is to read the text, but generally ignore the plots and graphs.
RegWall: No! https://www.fortinet.com/content/dam/fortinet/assets/threat-reports/threat-report-1h-2022.pdf
Target Audience: Technical, primarily for readers in the IPS space.
Length & Read time: 17 pages, 30-45 minutes. Taking notes, I spent 75 minutes with this report, with additional time researching prevalence in statistics.
Grade: C, average for the security industry.
Overall Impression: I was excited to read this report when I first saw it, but found myself becoming more confused as I read through the text and tried to make sense of the data visualizations. The Overview and Key Highlights section sums up the main talking points, but most lack the specificity I’d like to see.
If you only have a few minutes to devote to the report, read these sections: ‘Vulnerabilities in OT’, pages 7 & 8; ‘Ransomware Roundup’, pages 12-14. I also liked the review of wipers targeting the Ukraine and spilling over into other countries, pages 14-16. But I can’t recommend the report due to difficult to understand data representation choices.
Continue reading