60% of Businesses Have Experienced a Breach in the Past Two Years
IT security professionals have seen the number of breaches as well as the percentage of organizations that admit to being breached increase year after year. However, Vanson Bourne, a UK-based tech market intelligence organization interviewed 600 IT decision-makers, 300 from IT operations and 300 from IT security and found the following:
- 60 percent have experienced a serious security breach in the last two years – 31 percent more than once
- 77 percent of respondents believe that they are not extremely well prepared to react to a serious data breach
- The vast majority of respondents see investment increases in areas such as software migration automation (80 percent), incident response and remediation (67 percent), and software patching (65 percent) as critical to securing their data
- Eight in ten claim digital transformation increases the risk of a breach
Thus, based on this survey and others including Bitdefender’s global Hacked Off! Study, the threat of being breached and the looming security complications from digital transformation, cloud migration, and the increasing number of software vulnerabilities that must be patched are overwhelming IT security staff.
Nearly 40% of IT Security Pro’s Fear an Attack in the Next Year
The Hacked Off! study found similar breach data as compared with Vanson Bourne survey; in both surveys 60% of all businesses they both surveyed suggesting they had experienced a breach in the past three years. In addition, according to the Hacked Off survey, 36% of IT security professionals whose employers had not been a victim of a cyber attack in the study believe that they could be facing one currently or in the near-term without even knowing it.
The Hacked Off study includes the opinions of more than 6,000 infosec professionals, across the UK, US, Australia, New Zealand, Germany, France, Italy, and Spain. In addition, the survey respondents represent a broad and diverse cross-section of organizations from small to medium businesses to publicly listed global enterprises in most industry groups, including finance, government, and energy.
The study found that nearly half (49%) of the respondent’s report that they are kept awake at night worrying about their organization’s cybersecurity. While “worrying” is difficult to quantify in terms of organizational preparedness and imminent security threats, the study also found that more than half (58%) are also worried about the readiness of their organization in dealing with a global cyberattack.
Organizations Remain Understaffed to Appropriately Defend Itself
Two issues that uncover much of the nervousness of IT security staff is the lack of cybersecurity training or knowledge among general employees and buy-in or even compliance from the C-Suite. 30% of IT security employees suggest that phishing attacks among others are successful because of poor employee training. Further, 57% of respondents suggest that key executives or C-Suite executives are the “least likely” to comply with organizational cybersecurity policy.
Furthermore, and not surprisingly, SOC analysts are suffering from alert fatigue from security technology. Over half (53%) of endpoint detection and response alerts are false alarms, and 49% of those surveyed say their SOC colleagues experience both alert and endpoint agent fatigue.
Ultimately, 73% of respondents believe their organization at an increased risk of a cyber-attack because they are under-resourced. This figure is slightly higher (78%) for companies employing more than 1,000 people.
This may be an indicator of a bumper year for breaches, as the total number of organizations reporting breaches in 2018 only came to 32%.
Infosec professionals are right to be concerned, as, by the end of July 2019, a quarter of infosec professionals revealed that the company they work for had suffered a data breach. These findings and more are revealed in Bitdefender’s global Hacked Off! Study.
The study takes into account the views and opinions of more than 6,000 infosec professionals, across the UK, US, Australia, New Zealand, Germany, France, Italy, and Spain. Respondents represent a broad cross-section of organizations from fledgling SMEs, through to publicly listed 10,000+ person enterprises in a wide variety of industries, including finance, government, and energy.
Only 3% of Security Professionals Surveyed Believe They Can Consistently Stop an Attack
There is a desperate need for the speed of response to increase. Almost one in three infosec professionals (29%) reveals that it would take a week or longer to detect an advanced cyber-attack.
This is higher (39%) among those that are in areas of the companies that are responsible for security training & support. Respondents in these areas suggest that the main barriers to uncovering a breach quickly and remediating it before it does serious damage are ‘lack of knowledge’ and a ‘lack of proper security technology’ (both 36%).
One of the more eye-opening pieces of data in the study is that only three in one hundred (3%) of respondents reported that 100% of advanced attacks can be efficiently detected and isolated. This is sobering information to many of the folks outside of the cybersecurity profession. The reality is that no company has the resources to defend against state-sponsored attacks or keep up with the morphing malware, malicious code and evolving threats in real-time.
Not surprisingly, IT security professionals fear the negatives of any significant breach would be ‘business interruption’ (43%), ‘reputational cost’ (38%), and a ‘loss of revenue’ (37%). However, what tops the list of concerns to respondents is the loss of customer trust. More than a third (37%) say it is their most significant worry.
Interestingly, the majority (57%) of respondents – who are again, IT security professionals in this survey, rate their organizations’ cybersecurity either very good or excellent.
One of the key learnings of the Hacked Off! Study is that infosec professionals believe that solutions for improving data protection is faster detection and response capabilities. These capabilities include more effective ways of detecting cyber threats, including network traffic analysis and anti-malware technology topping the list. They also suggested that Endpoint Detection and Response is an evolving and growing solution, with seven in ten infosec professionals believing that EDR can help prevent or stop the spread of attacks.
The IT Security Solution is Not More Technology
Erik Montcalm the Vice-President of Services & Technologies at SecureOps serves organizations like those represented in the survey as a partner providing managed security services. Erik suggests that the problems and issues that the surveys uncovered are consistent across the organizations he serves. He goes on to say that in large part the problem is people; too few people, that is. “IT departments do not have enough security specialists to handle both the strategic IT security responsibilities such as posture assessments, compliance, and network security design and the tactical such as endpoint detection and response, log monitoring, SIEM management, and patching.”
Erik continues, “the organizations we serve want our staff to empower their staff. Meaning, we provide both strategic and tactical IT security tools, technology, and people where our customers need them the most in order to keep their employees, customers, and data safe.”
“The bottom line is even just a few years ago a breach or compromise would amount to little more than an embarrassment for organizations, today the damage is real and its financial, operational and reputational. Whether its ransomware, spear phishing, or malware that exposes patient data the sophistication and number threats are unfortunately increasingly.
The Hacked Off! survey said that nearly 50% of all IT security professionals are “kept awake at night” with concerns about their organization’s ability to protect itself – we at SecureOps take that seriously. In a previous blog post, we went through the results of the Hart Survey which found that for the first time business leaders were more concerned about cyber-risk than any other issue.
Our primary goal at SecureOps is to provide strategic and tactical IT security support where our customers need it so they can focus on their business rather than be consumed cybersecurity worries. While machine learning, artificial intelligence, and advanced analytics are becoming “magic bullet” terms in cybersecurity, the reality is every business is different and technology will never prevent all breaches.
Systems and data must be prioritized, and the strategic and tactical IT security responsibilities must be aligned and managed, so the posture of the organization meets the risk standard of the business. Our team takes a hands-on approach to our customer’s defense and risk management strategy so that they are able to close gaps cost-effectively, focus on their business and sleep better at night.”