Cyber security specialists, Integrity360, has announced findings from independent research into the cybersecurity threats being faced, the volume, and the challenges with incident response.
The survey of 205 IT security decision makers was conducted between 9th-14th August 2023, and highlights their principal cybersecurity threats and concerns, with over half of the respondents (55%) citing data theft as the biggest concern, with ransomware taking third place (29%) after phishing (35%).
On a further breakdown of the findings, CIOs (30%) and CTOs (33%) surveyed also ranked APTs (advanced persistent threats) and targeted attacks as a bigger concern than ransomware (28%, 33%). Furthermore, APTs and targeted attacks were cited by almost 20 per cent of respondents as the fourth most frequent cybersecurity incident, ahead of ransomware (15%) which was ranked as one of the least common incidents being seen by businesses.
Data theft (27%) was the second most common cybersecurity incident being seen within businesses, topped only by phishing (46%). This correlates with the mounting concerns around data theft and the increasing need to protect sensitive data which emerged as the top cybersecurity challenge keeping professionals awake at night (48%). This was closely followed by managing risk and compliance (28%) and defending identities (26%) which can be explained by increasing regulation around cyber security and the role of identity as an increasing attack vector in the world of pervasive remote and hybrid working.
Ransomware (25%) was ranked fourth amongst the challenges causing sleepless nights, likely due to the increased awareness surrounding backups, making ransom attacks less rewarding, whilst data theft alone, can have dire consequences in terms of reputational damage, hefty compliance fines and potential loss of IP, to name a few. This is notwithstanding the fact that ransomware commonly has a data theft component to it, so is no longer just encryption, something that may not be topmost in everyone’s mind.
Of the cyber security challenges keeping IT security decision-makers awake at night, CIOs (30%) were kept awake more than information security analysts (14%) and CTOs (18%) thinking about security consolidation, a responsibility that lies heavily with them as they battle to amalgamate the mass of security tools being introduced to defend against growing threats. Infosecurity analysts, however, ranked securing cloud environments (31%) as their second biggest nightmare keeping them awake at night.
Brian Martin, Head of Product Development, Innovation, and Strategy at Integrity360 said, “IT environments have become increasingly complex with many enterprises now employing multi-cloud strategies and multiple products, which can leave gaps in security, and see businesses paying for underutilised and overlapping tools unnecessarily. Consolidation of cybersecurity architectures can strengthen risk posture, reduce the number of tools and vendors in place, eliminate silos, reduce costs, and improve overall security posture.”
Of the 205 IT security decision-makers surveyed, 89 per cent of respondents reported an increase in the volume of security alerts over the past 12 months, with 76 per cent reporting an increase of between 1-50 per cent of alerts. Twenty-six per cent of those reported a 26-50 per cent increase in alerts, highlighting the mounting pressure on security teams and the incessant threats that businesses are facing.
The research also uncovered challenges in incident response (IR), shedding light on budgetary constraints in cybersecurity. Insufficient budgets (31%) were highlighted as the top challenge for effectively responding to incidents, followed by the complexity of incidents (27%) and lack of board-level understanding of IR (27%). A shortage of IR skills, experience, and tools (38%) is also seen as being significant hurdle.
Brian added, “insufficient budgets can leave organisations vulnerable to attack. Businesses need to prioritise cybersecurity spending to avoid the financial and reputational ramifications that will often outweigh any initial investment in cybersecurity tools and processes. Likewise, being able to respond quickly is vital in the wake of a cybersecurity incident, and investing in IR services, training, and expertise can make all the difference when responding to a breach or serious incident.”
Unsurprisingly, speed was considered the most stressful aspect of responding to a cybersecurity incident as 40 per cent of respondents noted the need to act quickly as being stressful, whilst the sense of responsibility was cited by (31%). Interestingly, the fear of being wrong (24%) ranked higher than the difficulty in diagnosing the incident (22%). C-level executives fear being wrong more than information security analysts, perhaps because the fallout from a poor response to a cyber incident could be worse or even catastrophic for them and their careers.