The frequency of security incidents continues to grow. In fact, according to the research, 78% of security leaders surveyed experienced an incident in the last 12 months. And, the incidents are not one-off events. Among those organizations, 80% of them reported four or more incidents in that same time period while 50% experienced an astounding 10 or more.
Web-based attacks are now the most common attack method, credited with 60% of incidents compared to 50% credited to phishing attacks. Distributed denial-of-service (DDoS), malicious insiders, and stolen credentials were less frequent: 41% of breached companies experienced those types of incidents in the past year.
Not all industries are equally affected by cyber threats. Technology-led industries — such as gaming, media and telecommunications, and IT — are among the most frequently targeted. Companies in financial services and energy have experienced similarly frequent attacks.
Companies of all sizes are targeted, with minimal differences between small, medium-sized, and large organizations. For attackers, however, each size of business offers a different effort-to-reward ratio.
Large organizations (with more than 2,500 employees) often have the most valuable data to steal. But they also have sophisticated defenses, with numerous security products in their architecture. They have larger budgets for security and deeper staff resources to implement and manage those solutions.
At the other end of the spectrum, small companies (with between 150 and 999 employees) have more modest defenses. They also might be less able to identify breaches when they happen. Still, they look less enticing to attackers compared with larger organizations. They have an inherently smaller volume of valuable resources in the network and only modest financial resources that could be stolen or used for ransomware.
Medium-sized companies (1,000 – 2,499 employees) offer a sweet spot for attackers: Their defenses might be less robust than their larger peers, but they still have valuable data that can be pilfered.
The goals of these attacks seem to be fairly varied, according to respondents of our survey. Implanting spyware was the goal for 59% of attacks, in particular within media and telecom, energy, and travel and tourism companies. But financial gain (55%), data exfiltration (52%), and ransom (52%) were also top aims across industries.
The goals of attacks differ from one industry to the next. For example, healthcare and transportation companies are among the most likely to be struck with data exfiltration attacks. Energy and financial services companies are most likely to be attacked for financial gain. And media and telecom companies are most frequently infected by spyware.
If organizations are investing in cyber security solutions — and in some cases many solutions, why do they continue to be victims of attacks? The solutions organizations have in place are simply not working as they should. It’s clear that securing organizations today has new requirements and for many, it’s time to reevaluate our security strategies. For many organizations, the solution for addressing a rising number of security threats will not be more solutions but a radically different approach — one that unifies security across environments and offers a composable, programmable architecture.
Continue to Chapter 3: Securing hybrid work
This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.
After reading this article you will be able to understand:
Survey results from over 4,000 cyber security professionals
New findings on security incidents, preparedness, and outcomes
Considerations for CISOs to secure the future and achieve better outcomes for their organization