CyberEdge Group, a well-known marketing and research firm with a focus in technology, recently came out with the newest CyberEdge Cyberthreat Defense Report (CDR). The report surveys large companies (500 or more employees) around the world and spans 19 different industries. It reports on the companies’ relative preparedness to the rest of the survey population and the cyberthreats they encountered throughout the year. The survey is fairly comprehensive and provides a good standard on how to measure how businesses across the world are combating cybersecurity threats.
This year’s report confirmed the prevalence of ransomware and other cyberthreats, as well as introduced new IT trends. We’ve brought to you the top five insights from this year’s report:
1. In 2020, over one-third of the organizations surveyed by CyberEdge experienced more than 6 successful cyberattacks. 2020 saw the highest percent of organizations experiencing successful cyberattacks since 2015 (80.7%).
While the trends on cyberattacks have been scary, never before have we seen these kinds of statistics. Let’s think about what this means; on average, over one-third of the organizations surveyed fell prey to a cyberattack every two months. With that magnitude of interruptions, cyberattacks are sure to be a serious hindrance to those businesses’ ability to create new value for themselves and their customers.
Additionally, we have seen an increase of 10 percent in the number of organizations who experienced a successful attack since 2015. With over 80 percent of those surveyed reporting that they experienced at least one attack in 2020, the chances of any business experiencing a cyberattack at least once during 2021 are only ever increasing.
2. 62% of organizations were victims of ransomware (this has been steadily rising since 2017). An increased number are paying the ransom demand, too (58% of victims, compared to 45% in 2019).
Lane Livingston, CTO and Co-Founder of Trinsio said in a recent interview, “In today’s world there are a few things that will make or break your company, regardless of your size or industry. In addition to the list you are thinking about (key employee retention, brand and reputation, sales and marketing, customer retention), an often overlooked but potentially even more devastating source of disruption and destruction is cybersecurity.
“If your IP or critical data is exposed or encrypted and held for ransom (Ransomware), what’s the impact on your business? What if that data is irretrievably lost? Two critical facts: 1, According to DHS, every business will have a cybersecurity breach within the next two years. That is everyone. 2, 70%+ of all businesses who lost critical data in a data breach or data loss scenario will go out of business within 2 years. Prepare and plan or crash and burn.”
3. More organizations than ever are saying they are very likely to experience a cyberattack in the next year (69%).
While the number of organizations that recognize that they are susceptible to cyberattacks has increased, it is still in question whether organizations are doing enough to turn that around. The CyberEdge DFR reported that the organizations surveyed saw lack of budget as a barrier which inhibited their organizations from adequately defending against cyberthreats.
4. 85% of respondents said they wanted security products with machine learning and AI.
Many of the other barriers which prevented adequate defence against cyberthreats (such as too much data to analyze, insufficient automation of threat detection and response processes could be solved with Artificial Intelligence (AI). AI as a tool against ransomware has proved to be a great asset, and this new trend suggests that companies are beginning to see that. As the threats against us get smarter, so must we!
5. One of the biggest barriers in 2020 in cybersecurity remains the lack of available skilled professionals.
The highest ranked barrier to establishing effective cybersecurity defenses for 2020 was the lack of skilled personnel, with the next highest barrier being the low security awareness among employees. Until organizations can effectively increase the security awareness for their employees, they will be hard pressed to have an effective cybersecurity posture. As the saying goes, the chain is only as strong as its weakest link.