Most enterprises expect systems to be attacked but there's confusion around responsibilities
A new survey of over 500 security and IT operations leaders worldwide shows that 61 percent believe that data loss within the next 12 months due to increasingly sophisticated attacks is ‘likely’ or ‘very likely’.
The study from Commvault, with research carried out by IDC, reveals that in many cases, senior executives/line-of-business leaders are minimally engaged in their company's cyber preparedness initiatives -- just 33 percent of CEOs or managing directors and 21 percent of other senior leaders are heavily involved.
According to the research 52 percent of senior leaders have no involvement in their company's cyber cases. As well as this lack of executive engagement, there is also often confusion between ITOps and SecOps teams in terms of who is doing what when it comes to cyber preparedness. Only 30 percent of SecOps teams say they fully understand ITOps' roles and responsibilities for cyber preparedness and response, and similarly, only 29 percent of ITOps teams fully understand what falls to SecOps.
The research also shows that data exfiltration attacks -- when malware or a malicious actor carries out an unauthorised data transfer -- occur almost 50 percent more often than encryption attacks. As cyber attackers deploy cleverer tactics, relying on manual detection and reporting processes are very likely to result in missed anomalies and successful attacks. Though automation could lead to faster detection to mitigate the intrusion impact, most organizations (57 percent) have limited automation for key functions, increasing their chances of missing a threat before it happens; only 22 percent report being fully automated.
"We are beyond just reacting to cyber threats. The C-suite must ensure teams are prioritizing proactive defense, real-time threat intelligence, and robust risk management to pave the way for genuine cyber resilience," says Javier Dominguez, CISO of Commvault. "It's also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end. With Commvault, resilience isn't an afterthought -- it's the blueprint."
You can get the full report from the Commvault site.
Image credit: Syda_Productions/depositphotos.com