Survey shows cybercriminals are turbo-charging and pushing businesses to their limits
Sophos Cybersecurity, Umfrage, Cyberkriminalität
The cybersecurity situation in companies can be summed up in one sentence: While cybercriminals drive supercars, companies often struggle to keep up with established mid-size sedans. In other words, attackers are getting faster and attacked companies cannot keep up. A recent study, State of Cybersecurity 2023: The Impact of Attackers on Enterprise Defenders, shows that today's reality is a two-speed cybersecurity system, with attackers, attackers and defenders moving at different speeds. Attackers are accelerating and expanding their capabilities through automation, cybercrime-as-a-service model, secret identity switching and other modifications, and can launch a variety of attacks.
Response times of up to 15 hours plus incorrect settings are the main threats
Defenders, on the other hand, constrained by inexperience, a large number of warnings and too much time to respond to incidents, are not keeping up with the times. Most companies struggle to identify and respond to threats. 93% of respondents find it difficult to perform basic security tasks. Dealing with security alerts is a common problem. On average, less than half (48%) of all alerts are reviewed to determine if they represent malicious activity. Many companies also have difficulty identifying warnings or Identify events and priorities (71 %).
The entire detection, investigation and response process takes an average of 9 hours for organisations with 100 to 3,000 employees and up to 15 hours for organisations with 3,001 to 5,000 employees. On the operational front, defenders do not trust their processes, and security tool misconfiguration is the most talked about security risk through 2023. More than half (52%) of IT professionals say cyber threats have become too complex for their companies to handle on their own. For small businesses (100-250 employees), the figure is as high as 64 %.
Sleepless nights and too much time to deal with threats
This situation has financial, operational and resource implications for businesses, while the impact of a two-speed system is significant and affects the entire organisation. The direct financial impact of cyber incidents is huge and well known: The average cost of resolving a ransomware attack for an SME is $1.4 million. However, these clean-up costs are only part of the story. The ability to use other IT programmes is also limited - 55% of respondents say that fighting cyber threats has interfered with the IT team's work on other projects. Cybersecurity also hinders business-oriented operations due to its urgency and unpredictability: 64% would like the IT team to spend more time on strategic issues and less time on incident response. The length of time spent identifying, investigating and remediating security alerts also has a significant financial impact in terms of resource costs.
And it turns out that this situation is also a burden for employees. 57% of IT professionals say that the fear of a cyber-attack affecting their business sometimes keeps them awake at night. In companies with 3001 to 5000 employees, the figure is as high as 65%. With the high cost of recruiting, training and retaining field staff, all these threats create additional challenges and costs for the business.
The full report with charts can be found here: https://assets.sophos.com/X24WTUEQ/at/f8t5qgvm44h5s39br4pkcjt/sophos-the-state-of-cybersecurity-2023-wp.pdf