US businesses unprepared for rise in cyberattacks
The average US business faces around three successful cyberattacks each year, and while most agree that attacks are set to increase, 32 percent still lack a management platform for IT secrets, like API keys, database passwords and privileged credentials, posing a significant risk to organizational security.
A new US Cybersecurity Census Report from Keeper Security shows most organizations think they're prepared to fend off cyberattacks, with 64 percent of respondents rating their preparedness at least an eight on a 10-point scale and 28 percent rating themselves as a 10/10.
However, at the same time the majority of respondents (57 percent) say it's taking longer to respond to attacks and only eight percent say responses are getting faster.
According to the study 84 percent are concerned about the dangers of hard-coded credentials in source code but 25 percent don't have software to remove them. 26 percent lack a remote connection management solution to secure access to IT infrastructure.
Yet the threat of cyberattacks is very real, 31 percent have suffered a disruption of partner or customer operations in the wake of a cyberattack and the same percentage have experienced theft of financial information. 18 percent of organizations have had money stolen, with the average amounting to more than $75,000, while 37 percent have lost $100,000 or more.
"The volume and pace at which cyberattacks are hitting businesses is increasing and with that come severe financial, reputational and organizational penalties," says Darren Guccione, CEO and co-founder of Keeper Security. "Leadership must prioritize cybersecurity, enabling their security teams to address rapid shifts in technology and distributed remote work. The impact these shifts have on cybersecurity are both pervasive and extreme. Building a culture of trust, accountability and responsiveness is critical."
Company policy and culture is clearly an issue too, only 44 percent of respondents provide their employees with guidance and best practices governing passwords and access management. 30 percent allow employees to set and manage their passwords and admit that employees often share access to passwords., and just 26 percent have a highly sophisticated framework for visibility and control of identity security.
IT leaders also admit a lack of transparency in cyber incident reporting within their organizations, with 48 percent being aware of a cyberattack, but keeping it to themselves.
You can get the full report from the Keeper site.