Security breaches at a standstill but COVID-related attacks increase
The latest annual Cybersecurity Report Card from threat intelligence specialist DomainTools shows security breaches among those surveyed have remained essentially unchanged from last year's report at 16 percent.
Yet almost 60 percent of organizations detected a moderate to a dramatic increase in cyber attacks during and following the pandemic, which points to a rise in the overall breach prevention success rate.
"The global pandemic put the confidence of security teams in their programs to the test. Organizations faced concurrent challenges in managing the sudden, large-scale shift to remote work and the increase in COVID-related cyberattacks. Reports from previous years have shown organizations making gains in their security posture, and this was reflected in the responses of those able to rise and meet the challenges of COVID-19," says Tim Helming, security evangelist at DomainTools. "This was a wakeup call for many, as almost a quarter of organizations plan to increase their security budgets as a result of COVID-19 to better prepare themselves for the future. Unfortunately, fifteen percent of organizations plan to cut budgets. While budget constraints are understandable, these cuts may well add to the stress already present."
The survey asked over 520 security professionals to grade the overall health of their programs and give insights into their experiences navigating the COVID-19 pandemic. While 12 percent of would have given their organization a lower grade before the pandemic -- showing surprise at how well they were able to cope -- a near equal number, 14 percent, would have given their organization a higher grade before the pandemic.
44 percent of organizations were either not prepared or unsure if they were prepared to enable a fully remote workforce before COVID-19. In addition 60 percent of respondents state that working from home has made their organization more vulnerable to cyber threats.
The report also looks at the most common threat vectors that organizations detect. It finds that spearphishing (85 percent), malware (46 percent), and business email compromise (38 percent) are the three most common forms of attack.
The full report is available from the DomainTools site.