60% Of Organisations Have Been Attacked - Some Don’t Even Know It

Uploaded on 2019-10-08 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Around 60% of global organisations have suffered a breach in the past three years, with the rest increasingly feeling like their turn is coming soon. This data and research has been confirmed by new research from the experts at Bitdefender

The security firm polled over 6000 cyber-security professionals from organisations of all sizes in the UK, US, Australia, New Zealand, Germany, France, Italy and Spain to compile its 'Hacked Off' report. 

While 60% of respondents said they’d been hit by a data breach, 36% claimed they could be facing one without knowing. 

It’s no surprise that over half (58%) are concerned about the readiness of their organisation to deal with such an attack.
Board-level buy-in is a major sticking point: 57% of respondents claimed that the C-suite is the least likely to comply with corporate cyber-security policy. 

Research also done by Cyber Security Intelligence confirms this data and also has found that some organisations have been cyber hit, but the IT department has not informed the senior management, as they think it might have been the IT Department’s lack of security that caused the attack. 

But now senior management are also putting their firm at cyber-attack risk and making it hard to drive the kind of company-wide security-by-design culture demanded by GDPR and other regulators. Nearly three-quarters (73%) believe they’re more at risk as they are under-resourced, while alert fatigue is a major problem, with over half (53%) of endpoint detection and response (EDR) alerts described as false alarms.

The research found that, partly because of this EDR failure, firms are reacting too slowly to incidents. Over a fifth (29%) claimed it would take a week or longer to detect an advanced cyber-attack, while just three in every 100 cybersecurity professionals claimed 100% of attacks can be efficiently detected and isolated.

Yet despite all of these shortcomings, more than half (57%) of respondents rated their organisation’s cyber-security “very good” or “excellent.”

Liviu Arsene, cybersecurity researcher at Bitdefender, explained that further investments in anti-malware, network traffic analysis and EDR were all highlighted by respondents as necessary.

“Poor cybersecurity is an undeniable threat to businesses today. From the loss of customer trust to the impact on the bottom line it is critical for infosec professionals to get it right.... According to respondents, 53% of infosec professionals have contemplated leaving their job due to under-resourcing in terms of staff. Resources are in fact such a bugbear that infosec pros say the main obstacles to their organisations’ strengthening their cyber-security posture are a lack of budget and a lack of skilled personnel.”

For a review of your company’s cyber risk please contact Cyber Security Intelligence

Bitdefender:       Infosecurity

You Might Also Read: 

Effective Cybersecurity Requires Both Cyber Training & Insurance Cover:

 

 

« Over 2 Million Magecart Detections
Employee Training Is Vital For Commercial Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

MixMode

MixMode

MixMode's PacketSled platform delivers network monitoring, deep forensic analysis and incident response.

Authorize.Net

Authorize.Net

Authorize.Net is a Payment Gateway which provides the complex infrastructure and security necessary to ensure fast, reliable and secure transactions.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

SoSafe

SoSafe

Modern awareness training that works. With memorable content on all areas of IT security, with measurable learning success and full data protection compliance.

Bureau Veritas

Bureau Veritas

Bureau Veritas are a world leader in Testing, Inspection and Certification. We provide certification and training services in areas including cybersecurity and data protection.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

Beauceron Security

Beauceron Security

Beauceron's cloud-based platform gives employees a powerful personal cyber-risk coach empowering them to improve their cybersecurity practices and behaviours.

Cybots Pte Ltd

Cybots Pte Ltd

Cybots is a multinational cyber defence brand founded in Singapore in 2018 to help organizations stay ahead of increasingly sophisticated threats from cyber criminals.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Inspectiv

Inspectiv

Inspectiv offers a turn-key solution to continuously identify security vulnerabilities and provide security assurance.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

NPCERT

NPCERT

NPCERT is a team of Information Security experts formed to address the urgent need for the protection of national information and growing cybersecurity threat in Nepal.