Connect with us

Hi, what are you looking for?

HEADLINES

Companies are now more successful in detecting and preventing cyberattacks

With ransomware and distributed denial of service (DDoS) attacks on the rise, the average number of focused cyberattacks per organization has more than doubled this year compared to the previous 12 months (232 through January 2018 versus 106 through January 2017). In the face of these growing cyber threats, organizations are demonstrating far more success in detecting and blocking them, according to a new study from Accenture.

Yet, despite making significant progress, only two out of five organizations are currently investing in breakthrough technologies like machine learning, artificial intelligence (AI) and automation, indicating there is even more ground to be gained by increasing investment in cyber resilient innovations and solutions.

The study was conducted from January to mid-March 2018 and investigated focused attacks defined as having the potential to both penetrate network defenses and cause damage, or extract high-value assets and processes from within organizations. Despite the increased pressure of ransomware attacks, which more than doubled in frequency last year, the study found organizations are upping their game and now preventing 87 percent of all focused attacks compared to 70 percent in 2017. However, with 13 percent of focused attacks penetrating defenses, organizations are still facing an average of 30 successful security breaches per year which cause damage or result in the loss of high-value assets.

“Only one in eight focused cyberattacks are getting through versus one in three last year, indicating that organizations are doing a better job of preventing data from being hacked, stolen or leaked,” said Kelly Bissell, managing director of Accenture Security. “While the findings of this study demonstrate that organizations are performing better at mitigating the impact of cyberattacks, they still have more work to do. Building investment capacity for wise security investments must be a priority for those organizations who want to close the gap on successful attacks even further. For business leaders who continue to invest in and embrace new technologies, reaching a sustainable level of cyber resilience could become a reality for many organizations in the next two to three years. That’s an encouraging projection.”

Advertisement. Scroll to continue reading.

Security Teams Find Breaches Faster

It’s also taking less time to detect a security breach; from months and years to now days and weeks. On average, 89 percent of respondents said their internal security teams detected breaches within one month compared to only 32 percent of teams last year. This year, 55 percent of organizations took one week or less to detect a breach compared to 10 percent last year.

Although companies are detecting breaches faster, security teams are still only finding 64 percent of them, which is similar to last year, and they’re collaborating with others outside their organizations to find the remaining breaches. This underscores the importance of collaborative efforts among business and government sectors to stop cyberattacks. When asked how they learn about attacks that the security team has been unable to detect, respondents indicated that more than one-third (38 percent) are found by white-hat hackers or through a peer or competitor (up from 15 percent, comparatively, in 2017). Interestingly, only 15 percent of undetected breaches are found through law enforcement, which is down from 32 percent the previous year.

Addressing Cybersecurity from the Inside Out

On average, respondents said only two-thirds (67 percent) of their organization is actively protected by their cybersecurity program. And, while external incidents continue to pose a serious threat, the survey reveals that organizations should not forget about the enemy from within. Two of the top three cyberattacks with the highest frequency and greatest impact are internal attacks and accidentally published information.

Advertisement. Scroll to continue reading.

When asked which capabilities were most needed to fill gaps in their cybersecurity solutions, the top two responses were cyber threat analytics and security monitoring (46 percent each). Organizations realize the benefits derived from investing in emerging technologies. A large majority of respondents (83 percent) agree that new technologies such as artificial intelligence, machine or deep learning, user behavior analytics, and blockchain are essential to securing the future of organizations.

Five steps organizations can take to achieve cyber resilience include:

1.     Build a strong foundation. Identify high value assets and harden them. Ensure controls are deployed across the organizational value chain, not just the corporate function.

2.     Pressure test resilience like an attacker. Enhance red defense and blue defense teams with player-coaches that move between them and provide analysis on where improvements need to be made.

3.     Employ breakthrough technologies. Free up investment capacity to invest in technologies that can automate your defenses. Utilize automated orchestration capabilities and advanced behavioral analytics.

Advertisement. Scroll to continue reading.

4.     Be proactive and use threat hunting. Develop strategic and tactical threat intelligence tailored to your environment to identify potential risks. Monitor for anomalous activity at the most likely points of attack.

5.     Evolve the role of CISO. Develop the next generation CISO — steeped in the business and balancing security based on business risk tolerance.

 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement