Solid commercial sales lift PC market
Commercial sales of ‘traditional’ PCs (desktops, notebooks, and workstations) in the EMEA region saw healthy growth of 6.0% year-on-year in Q1 of 2019, according to IDC. Sales of both notebooks and desktops were up.
Consumer sales, meanwhile, fell 12.6% and the overall market was down by -2.7%, although this is a slower rate of decline than seen in previous quarters. The total market size was 17 million units.
Looking at Western Europe in isolation, traditional PC sales were up 2.8% with commercial up 10.7% and consumer down by -8.9%.
Windows 10 refreshes, ongoing mobility adoption, and the fulfilment of backlogs that had been caused by processor shortages helped to boost business sales. CPU shortages had still caused problem though, especially on low-end models,
The top three players accounted for 68.3% of total market volume, compared with 65.5% in Q1 2018.
• HP Inc. retained the top spot in EMEA, gaining 0.2% points YoY to reach 28.9% market share. It registered an overall decline of 2.2% YoY, as healthy commercial growth could not offset the double-digit decline in consumer.
• Lenovo (including Fujitsu) ranked second, reporting 24.5% market share (an increase of 1.2% YoY). This growth was boosted by an exceptionally strong commercial performance, supported by healthy growth for Fujitsu.
• Dell Inc. secured third place with a market share of 14.9% (up 1.5% YoY). The vendor achieved the strongest growth rate of the top vendors (+8.0% YoY), registering double-digit growth across both product categories in the commercial space.
• Acer retained fourth position with 7.0% market share (down 0.9% YoY). A strong focus on the consumer market made Acer more susceptible to its softness, leading to an overall decline of 13.9% YoY.
• ASUS claimed fifth spot with a share of 6.5% (down 1.0% YoY). As with Acer, consumer softness inhibited growth prospects for the vendor, leading to an overall decline of 14.6% YoY •
Trustwave has good and bad news on cybersecurity
The latest 2019 Trustwave Global Security Report shows that global threats are increasing and while the industry is getting better at detection, cybercriminals are also becoming more methodical and adaptive. improvements are being made by security vendors in terms of faster detection and response, but cybercriminals are also taking a more focused approach, using better cloaking techniques and improving their social engineering.
Key findings include:
Retail is a top target – retail experienced the highest number of incidences at 18%. The finance sector came in second at 11% and hospitality third at 10%. Email threats are more focused – Spam containing malware dropped to 6% in 2018 – down from 26% in 2017. ‘Sextortion’ emails were almost non-existent in 2017 but by the end of 2018 accounted for 10% of all spam.
Malware is getting harder to detect – the largest category of malware were downloaders at 13%, remote access Trojans (RATs) at 10% and web shells at 8%. Memory scrapers and dumpers used to steal payment card numbers from POS systems declined from 16% to just 8% due to improved industry regulations and policies. Two thirds (67%) of malware used obfuscation to help avoid detection – up from 30% the previous year.
Denial-of-service is biggest area of vulnerability – at 62%, denial-of-service (DoS) vulnerabilities accounted for the most discovered across all major platforms in 2018. Potentially more serious information disclosure and privilege-escalation vulnerabilities accounted for 8.7% and 8.1%, respectively.
Social engineering is the favoured way in – social engineering was the top method of compromise in 2018 in every environment other than e-commerce. In both cloud and POS, 60% of breach investigations were attributed to successful social engineering. In corporate and internal environments, the figure was 46%.
Phishing scams target fund holders – people with the ability to transfer company funds are being targeted with business email compromise (BEC) and CEO fraud attacks. A massive 84% of BEC messages used free webmail services, while 12% used spoofed company domains and 4% mis-spelled or lookalike domain names.
CNP data is the most valued by cybercriminals – card not present (CNP) data is the most coveted by cybercriminals, comprising 36% of breach incidents.
Marked improvements in threat response – the median time from threat intrusion to containment fell to 27 days, from 67 days in 2017. The median time between intrusion and detection for externally-detected compromises fell to 55 days, down from 83 days in 2017. Adoption of endpoint detection and response (EDR), behavioural analytics and stronger organisational security all helped.
Crypto-jacking dominates web-based attacks – the year-on-year rise of crypto-jacking malware was increase of 1,250%; it was almost non-existent in 2017. This approach uses malware to illegally mine cryptocurrency for cybercriminals on the computers of unsuspecting victims
Web applications are vulnerable – for a second year running, 100% of web applications tested possessed at least one vulnerability, with the median number of vulnerabilities rising to 15, up from 11 in 2017. While 80% of the 45,000 vulnerabilities discovered were low risk, the remaining 20% were medium to critical. The most common critical weakness involved omission of Microsoft Security Update MS17-010, which fixes the ETERNALBLUE vulnerability in the Server Message Block (SMB) protocol used for local network communication.
Corporate and internal networks are at most risk – 57% of incidents involved corporate and internal networks (up from 50% in 2017), followed by e-commerce environments at 27%. Incidents impacting POS systems decreased by more than half to just 9%.
Hiscox finds 61% of firms attacked at least once in past year
A separate report, from business insurer, Hiscox, detected a sharp increase in the number and cost of cyberattacks, with 61% of firms reporting one or more attacks in the past year – up from 45% in the previous report.
The Hiscox Cyber Readiness Report 2019 assessed the cybersecurity capability of over 5,400 organisations across seven countries. Less than 10% qualified as cybersecurity ‘experts’ and
Among the key findings:
• Cyber attacks reach a new intensity: More than three in every five firms (61%) experienced a cyber incident in the past year, up from 45% in the 2018 report.
• More SMBs are being attacked: While larger firms are still the most likely to be targeted, the proportion of small firms (with less than 50 employees) reporting an incident is up from 33% to 47%. Among medium-sized firms (50 to 249 employees) the proportion has leapt from 36% to 63%.
• Cyber losses soar: Among firms reporting attacks, average losses associated with all cyber incidents have risen from $229,000 last year to $369,000 – an increase of 61%. For large firms with between 250 and 999 employees, cyber-related losses now top $700,000 on average compared with $162,000 a year ago.
• More firms fail cyber-readiness test: Using a quantitative model to assess firms for their cyber-readiness, only one in ten (10%) achieved ‘expert’ status, slightly down from 11% in 2018. Nearly three-quarters (74%) ranked as unprepared ‘novices’.
• Cybersecurity spending up by a quarter: The average spend on cybersecurity is now $1.45 million, up 24% on 2018, and the pace of spending is accelerating. The total spend by the 5,400 firms in the survey comes to $7.9 billion. Two-thirds of respondents (67%) plan to increase their cyber security budgets by 5% or more in the year ahead.
Rapid rate of growth expected for MSPs
ResearchAndMarkets.com is predicting that MSPs to be amongst the fastest-growing providers of ICT services with an average rate of growth of 12% between 2018 to 2023.
In its latest report, Managed Service Provider Services: Worldwide Forecast 2018-2023, the firm says that MSPs ‘have a large and rapidly expanding opportunity’ It expects MSPs to account for 11% of the $2.8 trillion ICT market worldwide by 2023. The report forecasts nine different ICT service categories for MSPs. The three most important service categories will be IT and managed services, infrastructure and business applications.