Enterprises gear up to face the inevitability of cyber attacks
A new study finds that while attacks increase and financial losses continue to mount, a growing number of companies are preparing to respond to breaches
The research from forensic security company Guidance Software finds that 54 percent of organizations feel well prepared to respond to a major breach in the coming year (up from 51 percent in 2016). Additionally, 25 percent of respondents say they're looking to build a formal security and incident management team within the next year up from 12 percent in 2016.
35 percent of respondents say assessing risk is the biggest IT security challenge, up from 32 percent in last year, while 34 percent name enforcing security policies the top challenge, up from 31 percent in 2016. Managing the complexity of security is a concern for 33 percent, and 32 percent believe that the use of cloud services and applications makes their data less secure.
Looking at actual attacks, around 65 percent of organizations have fallen victim to malware-related breaches in the last year (up from 56 percent in 2016), while 55 percent experienced breaches initiated by phishing (down from 58 percent). However, only half of respondents (48 percent) believe they will need to respond to a breach in the coming year. Ransomware attacks have remained steady year on year at 23 percent. While nine percent say they paid the ransom in 2017, no respondents reported paying ransoms in 2016.
One in four organizations suffered significant or minor financial losses due to an attack or breach in the past 12 months. Six percent of companies claimed significant financial losses, up from two percent in 2016. 19 percent of companies claimed minor financial losses in 2017 (up from 11 percent). Among those who were hit by directly targeted breaches, 20 percent had costs in excess of $1 million.
"As cybercriminals continue to evolve their methods and capabilities, the challenge facing cybersecurity professionals will only grow," says Patrick Dennis, president and CEO of Guidance Software. "We see this reflected in the data on the frequency of attacks, costs of a breach and more. Enterprises are beginning to realize that compromise is inevitable, so they need to ensure that they have a complete strategy that includes costs for prevention and deep detection and response tools. In other words, a growing number of enterprises recognize they live in a world of continuous compromise and no longer have to fear the breach."
You can find out more about the findings and about protecting your business on the Guidance blog.
Image credit: Wavebreakmedia / depositphotos.com