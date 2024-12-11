On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of November.

December is prime time for cyberattacks and data leaks, especially in the United States, where organizations and employees are in holiday-season mode between Thanksgiving and New Year’s. For some industries, this time period means an overload of internet traffic, and the focus is on keeping business operations running. For other industries, operations are heading into a shutdown or preparing for a minimum workforce available.

Threat actors know this and see this period as prime time to launch an attack, or, as CISA pointed out, the December holiday slowdown “provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”

Keeping up with cyber threats is difficult enough in the best of times, but how do organizations keep their data and networks safe when employees are distracted (and not following best cybersecurity practices) or the security staff is an on-call skeleton crew? We talked to 18 cybersecurity professionals across a variety of industries to learn how their organizations approach security during the holiday season.