Some 36% of companies who haven't suffered a breach said it is likely they are unknowingly experiencing one now.
In the spirit of October being the 16th Annual National Cybersecurity Awareness Month, a recent Bitdefender study outlined the cybersecurity conditions of infosecurity companies across the globe. The report found that cybersecurity breaches persist: 57% of companies have experienced a breach in the past three years, and 24% have already suffered a breach halfway through 2019.
Bitdefender's Hacked Off! report, released on Tuesday, surveyed more than 6,000 infosec professionals globally to determine how successful current cybersecurity measures are, and how to improve them.
SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic)
While the majority of IT workers rated their organizations' cybersecurity as very good (57%) or good (24%), the report referred to today's threat environment as a "minefield."
The cyberattacks posing the biggest threat to organizations in 2019 included phishing (36%), trojans (29%), ransomware (28%), legal and compliance risks (28%), unpatched software (24%), DDoS attacks (24%), and social media threats (22%).
While the number of companies suffering from data breaches has slightly decreased over the past three years, according to the report, 36% of infosec professionals said they believe their companies are currently facing a cyberattack without knowing it.
As new technologies emerge, new threat vectors follow, which is putting significant stress on infosec professionals. More than half (58%) of employees said they are concerned about their organization's cybersecurity readiness, and 49% said they lose sleep over it, the report found.
C-suite executives aren't helping: 57% of infosec professionals said that key executives are the ones least likely to comply with the company's cybersecurity policy. This problem, compounded with 73% of organizations being under-resourced, is troublesome for employees.
"Resources are such a stressor that 53% of infosec professionals have contemplated leaving their job due to under-resourcing in terms of staff," Liviu Arsene, global cybersecurity researcher at Bitdefender, said in a press release. "Resources are in fact such a bugbear that infosec pros say the main obstacles to their organizations' strengthening their cybersecurity posture are a lack of budget and a lack of skilled personnel."
To help companies better prepare for evolving cyberattacks, the report identified the following key components of a good cybersecurity strategy:
- Form a specific security operations center (SOC) to monitor threats 24/7
- React as quickly as possible to cyberthreats
- Create a smart detection strategy using network traffic analysis and antimalware technology
- Emphasize ongoing security training for employees
- Prioritize security in the company's tech budget
For more check out Cybersecurity: This is how firms are spending their budget this year on TechRepublic.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)