Just over three quarters (76%) of US businesses have faced cyberattacks in the past 12 months, according to the 2019 State of Cyber Security for Small to Medium Sized Business survey conducted by Keeper Security and the Ponemon Institute, released Tuesday. Organizations in the US are more likely to experience cyberattacks—among all countries polled, the average was 66%, with 65% of the respondents in the UK, Germany, Austria, and Switzerland reporting a cyberattack in the past 12 months. 62% and 59% of respondents in Scandanavian and Benelux countries reported cyberattacks during the same timeframe.
Of the attacks experienced, phishing leads globally at 57%, with web-based attacks, general malware, and credential theft rounding out the top four at 47% and 36% respectively. Phishing continues to grow in popularity among cybercriminals—only 43% of respondents in 2016 phishing attacks in 2016.
SEE: Avoid time-wasting meetings: 10 tips (free PDF) (TechRepublic)
Because phishing relies the human element—or Layer 8 issues, depending on how you prefer to look at it—reliance on phishing attacks by cybercriminals is a reliable way to get information Clever software trickery and exploitation of zero-day vulnerabilities are an unnecessary bother when you can simply con people into handing over data. 63% of respondents cited a negligent employee or contractors as the root cause of data breaches in the past 12 months, with third-party mistakes in second at 55%.
Commercial antivirus and intrusion detection solutions are letting down IT professionals, with 82% of respondents indicating their organization has seen exploits bypass their antivirus software, and 69% saw exploits evade intrusion detection systems—these numbers are higher in the US, at 86% and 75%, respectively. Accordingly, 39% of respondents noted an increase in time needed to respond to a cyberattack in the past 12 months.
The financial impact of security events is growing as well—26% of respondents indicated losses in excess of $1 million in 2019 due to security events, an increase from 22% in 2018, 18% in 2017 and 16% in 2016. 30% of respondents indicated that the per-event cost is between $100,000 and $250,000.
For more, check out “AWS billing is broken and Kubernetes won’t last, says irreverent cloud economist Corey Quinn” and “Financial impact of ransomware attacks increasing despite overall decrease in attacks” at TechRepublic.