Top

Organisations experience 30 cyber breaches per year: Study

With ransomware and DDoS attacks on the rise, the average number of focused cyber attacks per organisation has more than doubled this year.

Although 87 per cent of focused cyber attacks are prevented, organisations are still experiencing 30 cyber breaches per year, a new study conducted by Accenture revealed.

With ransomware and distributed denial of service (DDoS) attacks on the rise, the average number of focused cyber attacks per organisation has more than doubled this year compared to the previous 12 months (232 through January 2018 versus 106 through January 2017).

In the face of these growing cyber threats, organisations are demonstrating far more success in detecting and blocking them, according to the study.

However, despite making significant progress, the study notes that only two out of five organisations are currently investing in breakthrough technologies like machine learning, artificial intelligence (AI) and automation, indicating there is even more ground to be gained by increasing investment in cyber resilient innovations and solutions.

Despite the increased pressure of ransomware attacks, which doubled in frequency last year, the study notes that organisations are upping their game and now preventing 87 per cent of all focused attacks, compared to 70 per cent in 2017. However, with 13 per cent of focused attacks penetrating defences, organisations are still facing an average of 30 successful security breaches per year which cause damage or result in the loss of high-value assets.

"While the findings of this study demonstrate that organisations are performing better at mitigating the impact of cyber attacks, they still have more work to do. Building investment capacity for wise security investments must be a priority for those organisations who want to close the gap on successful attacks even further. For business leaders who continue to invest in and embrace new technologies, reaching a sustainable level of cyber resilience could become a reality for many organisations in the next two to three years. That's an encouraging projection," said Kelly Bissell, managing director of Accenture Security.

As per the study, it is now taking less time to detect a security breach; from months and years to nowadays and weeks. On average, 89 per cent of respondents said their internal security teams detected breaches within one month, compared to only 32 per cent of teams last year. This year, 55 per cent of organisations took one week or less to detect a breach, compared to 10 per cent last year.

Although companies are detecting breaches faster, security teams are still only finding 64 percent of them, which is similar to last year, and they're collaborating with others outside their organisations to find the remaining breaches. This underscores the importance of collaborative efforts among business and government sectors to stop cyber attacks.

When asked how they learn about attacks that the security team has been unable to detect, respondents indicated that more than one-third (38 per cent) are found by white-hat hackers or through a peer or competitor (up from 15 per cent, comparatively, in 2017). However, only 15 per cent of undetected breaches are found through law enforcement, which is down from 32 per cent the previous year.

On an average, respondents said only two-thirds (67 per cent) of their organisation is actively protected by their cybersecurity program. While external incidents continue to pose a serious threat, the survey revealed that organisations should not forget about the enemy from within, as two of the top three cyber attacks with the highest frequency and greatest impact are internal attacks and accidentally published information.

When asked which capabilities were most needed to fill gaps in their cyber security solutions, the top two responses were cyber threat analytics and security monitoring (46 per cent each). A large majority of respondents (83 per cent) agreed that new technologies such as artificial intelligence, machine or deep learning, user behaviour analytics, and blockchain are essential to securing the future of organisations.

Next Story