Six uncomfortable truths
More than half of the organizations surveyed were hit by a cyberattack in the last year, yet a lack of visibility remains a problem, threat detection is difficult, and false alarms cost time and money, according to new research.
The study surveyed more than 3,000 IT decision makers at organizations ranging from 100 to 5,000 users, and its findings were published as a report.
Uncomfortable truth #1: Over two-thirds of organizations were hit by a cyberattack in the last year.
- More than a third of attacks are discovered on the server. Modern attacks often start at endpoints before moving laterally to servers, the higher-value targets.
- Large organizations are usually aware that they’ve been hit by a cyberattack.
These are just the attacks that organizations have discovered. The actual number could well be higher.
#2: IT teams lack visibility and spend a lot of time spotting an attack.
The average amount of time it took an organization to discover its most significant cyberattack was 13 hours. Clearly, 13 hours is a long time for a hacker to have uninterrupted access to your systems and data, and enough time to do significant damage: extract sensitive data, steal credentials, install Trojans and ransomware, and more.
#3: IT teams can’t plug their security gaps because they don’t know what they are.
- One in five IT managers is unaware of how their most significant cyberattack entered their organization.
- Larger organizations are more likely to know how threats got in than the smaller ones. They likely have more skilled resources and more comprehensive cybersecurity solutions than smaller companies do.
#4: Organizations lose 41 days each year investigating nonissues.
- Organizations spend, on average, four days a month investigating potential security issues, or 48 days a year.
- Only 15% turn out to be actual infections. As a result, 41 days are lost investigating nonissues.
#5: Four out of five organizations are struggling with detection and response, mostly due to a lack of security expertise.
#6: Cyber victims learn the hard way.
More than half of organizations don’t see the value in investing in cybersecurity solutions. Most also think that they don’t have digital assets that need that protection, only to realize that a cyberattack will impact all business operations, not just IT.
Organizations victimized by a cyberattack in the last year are more cautious and spend more time investigating potential incidents.
- Unfortunately, 54% of organizations think cybersecurity investments are not important or not beneficial. This research finds that one cyberattack will take cybersecurity from business priority #n to priority #1.
- Organizations should start with the assumption that a threat will make its way through, and be mindful of the limits on their visibility into threats and their resulting inability to identify and plug the gaps in their defenses.