Deloitte Cybersecurity Threat Trends Report 2023

Deloitte Cyber Threat Intelligence Assessment for Q1-Q4 2022

Cybersecurity really is a team sport. When we think this way, the rapidly changing adversary and overall threat landscape become less daunting. Deloitte Detect and Respond has created client-facing reports for years, but we are excited to share our first public-facing full year on cybersecurity intelligence trends and lessons learned.

Where does this data and analysis come from? It comes from collection associated with our world-leading incident response teams, Managed Security Services (MSS) and Managed Extended Detection and Response (MXDR) security operations, and intelligence teams, as well as our proprietary malware database containing more than 200 malware families and our collection crawlers covering more than 1.3 billion sites across the open, dark, and deep web.

Deloitte Cyber Threat Intelligence (CTI) analysts analyzed trends impacting the cyberthreat landscape. Analysis of trends is useful for threat forecasting, improving processes to ensure we are equipped to provide indications and warnings of evolving tactics, conducting program reviews to ensure timeliness and accuracy, cataloging activity to track changes to analytic lines, and efficiently reviewing defensive posture measures (e.g., endpoint detection, alerting rules, operator analysis, security tools, and business processes).


This report outlines the following:

  • Emerging and highly active threat actors
  • Advanced persistent threat actor scorecards
  • Cybercriminal threat actor scorecards
  • Hacktivist threat actor scorecard
  • Malware trends
  • Active malware heatmap


This report also includes the following recommendations:

  • Ransomware prevention
  • DDoS prevention
  • Access control (insider threat mitigation)
  • Hacktivism
  • Email server security

Fill out the form below to gain access to the report

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Did you find this useful?