A recent study conducted by Sophos and Vanson Bourne of 3,100 IT managers globally had some surprising results.
68% of organizations surveyed fell victim to a cyberattack in the last year. That means that these organizations were unable to prevent attackers from entering their network and/or endpoints. Additionally, those organizations that were victim of at least one cyberattack suffered an average of two attacks within the one-year period.
The organizations reported that threats were in their systems for an average of 13 hours before being detected. The report is quick to point out that the 13 hour number represents the minimum amount of time a threat was within the organizations’ systems.
Additionally, the 2018 Verizon Data Breach Investigations Report states that (coincidentally) 68% of cyberattacks take “months or longer” to discover. The disparity between the two statistics is probably accounted for by the difference in capabilities – companies who are breached are not in the business of cybersecurity, their teams do the best they can with the tools they have, but they are underequipped and unable to analyze and respond to threat horizons with the precision of cybersecurity providers.
These reports highlight the need to have a strong cybersecurity plan in place, not only technical measures but operational ones too.
Over a quarter of attacks come from inside threats, with about 17% of all breaches resulting from employee error and 4% coming from clicks on phishing campaigns.
Insider threats can be somewhat addressed through technical measures, but having clear policies in place regarding data operations, regular auditing of compliance measures, and consistent employee training.
A well equipped, well prepared team can mean the difference between prevention, neutralization, and recovery, and a staggering blow to productivity and consumer trust.