Orange Cyberdefense Security Navigator 2023 – Research-driven insights to build a safer digital society


With the return of war in a largely Digitized Europe, especially after the COVID episode that accelerated the digital transformation of our societies, a new strategic phase is beginning. In this context, one thing is clear from the opening of this Security Navigator: more than the threat itself, it is the uncertainty that has reached an unprecedented level. It is no longer the time for isolated, one-off storms that can be avoided or dealt with. Health, geopolitical, industrial, financial and logistical crises are intertwined, making it difficult to analyze them and to predict their evolution.

In this singular context, the ability to make quick and sound decisions, despite uncertainties and financial constraints, will be a determining factor in ensuring the digital resilience of our organizations. Supporting CISOs and CIOs in their decision making is the main purpose of our Security Navigator 2023.
Our contribution is based first and foremost on the evolution of the threat that we have observed through our operational activities, on the analysis we have made of it and on the lessons we have learned. This is the core of the Security Navigator, fed by the almost 100,000 incidents investigated this year by our SOCs and CyberSOCs, by the 3 million vulnerability scans performed by our Vulnerability Operations Center (VOC), or by the 1,200 reports written by our pentesting team.

This field data, which we are happy to share with you, allows us to identify the underlying trends that are being confirmed (for example, the untenable pressure of vulnerabilities, with an average patching time that we observe to be 215 days), the technical and geographical evolutions (particularly in terms of ransomware), but also to study the scope and impact of the major events that marked the past year, whether geopolitical (war in Ukraine) or technical (Log4j crisis).

Knowing the threat also means knowing that it is constantly evolving: defending ourselves therefore means drawing all the lessons from 2022, but also admitting that we will have to face new threats in 2023. Beyond the historical data, we want to share with you testimonies, stories and reflections which, even if no situation is identical, are sources of inspiration for what the future might have in store.
This is the strength of the defense community that we must embody. We invite you to discover, throughout the pages of this Security Navigator, the stories of our CSIRT and ethical hacking teams, articles on cyber decision-making mechanisms, or our feedback on the operational management of the Ukrainian cyber crisis.

In this respect, the approach adopted by the Ukrainian government is a particularly enlightening example that should also inspire us for the years to come. Ukraine has indeed managed to avoid the cyber collapse that was predicted, by relying on the triple support of States, the private tech sector and individuals:
▪ First of all, the States, which provided valuable support in terms of intelligence on the threat;
▪ Secondly, the private sector, including of course cyber security companies, but also cloud providers who helped ensure the resilience of Ukrainian data;
▪ Finally, individuals, who are stakeholders in the current cyber conflicts: the warring parties are trying to unite isolated hackers around the world for their own benefit.
Without going into the realm of the offensive, this 3-layer approach can inspire us for defense strategies: it is key for each organization (1) to have the support of the state agencies of the countries in which it operates (2) to rely on trusted private cyber partners (3) to place humans at the heart of the defense system (awareness, but also mechanisms for reporting alerts).

Finally, let’s mention a last approach that can help us make the right decisions tomorrow: trying to reduce the level of uncertainty. Such an objective is necessarily a long-term one and requires a reduction in the externalities and dependencies that feed uncertainty. This approach is that of sovereignty. At Orange Cyberdefense we are convinced that this is one of the trends that will structure the cyber world of tomorrow, and that we must build it today.

Whether it’s sharing data, learning from best practices or learning how to control our future dependencies, we have to learn from each other to meet the cyber challenges we face with our limited resources. The effects of such an approach are already being felt: the data you are about to discover demonstrates a reduction in incidents affecting the customers we protect. While we should obviously not see this as a weakening of the threat and relax our efforts, this observation should nevertheless inspire us with hope: despite the uncertainties and constraints, victory is possible. This Security Navigator invites us to build it together: we hope you enjoy reading it!


political situation has not left us untouched. The full impact of the war has yet to be determined, and we take a closer look in a separate chapter. There are some internal changes too: our analysts have started adopting a new classification system, which allows us much better insight into what has actually happened. We collected incidents from CyberSOCs all across the world and normalized the data as part of the analysis process.
Additionally for the first time we have also correlated these data sets with information obtained from vulnerability management and Penetration Testing reports, but also World Watch data and observations from across our CERT, Epidemiology Labs and other research teams to draw a more accurate picture of how we got here, and how these tendencies will likely shape the future. While some of these data sets have their own chapter in this report, we constantly consider them to validate our conclusions.
As mentioned in previous reports: when reading this it is important to keep in mind that all of these incidents are in fact attacks that were prevented and stopped. While this is reaffirmation that our clients are well protected, it is also important not to fall for what is called “survivorship bias”


Download & read the complete report below 👇👇👇


Leave a Reply

Your email address will not be published. Required fields are marked *