On Thursday, a study released by Guidance Software illustrated current activity in the enterprise as cyberattacks continue to mount with alarming frequency. The main takeaway: Both breaches and defenses are increasing in IT departments.

The survey, conducted in May, included responses from 330 North American professionals holding IT security positions, or performing tasks that fell under the IT security umbrella.

Here are the main findings:

  1. Malware breaches are on the rise. While 56% of organizations reported breaches in 2016, 65% reported them in 2017.
  2. Phishing incidents are down. While 58% of respondents reported breaches in 2016, that figure dropped to 58% this year.
  3. More than half of professionals are expecting an attack in the coming year. Some 52% of respondents said they are preparing for an attack in the next year.
  4. Losses due to attacks increase. A quarter of organizations surveyed reported financial losses in 2017 due to security breaches. One in five of those that were targeted reported losses of more than $1 million.
  5. Network or business applications unavailable. While 28% of respondents in 2016 reported unavailability that year, the figure rose to 35% in 2017.
  6. Intellectual property theft or information confidentiality. Some 19% of respondents faced issues with property theft or information confidentially in 2017, up from 13% in 2016.
  7. Preparation. More than half (54%) of organizations said they were prepared for a major breach.
  8. Security teams. The number of IT professionals who say they plan to build formal security teams this year doubled–from 12% in 2016 to 24% in 2017.

While managing the complexity of security remains the top challenge for IT professionals, more pointed to assessing risk as a challenge: 35% in 2017 vs. 32% the previous year. Also, IT professionals reported enforcing security policies as a growing challenge–34%, as compared with 31% last year.

SEE: Information Security Certification Training Bundle (TechRepublic Academy)

“As cybercriminals continue to evolve their methods and capabilities, the challenge facing cybersecurity professionals will only grow,” said Patrick Dennis, president and CEO of Guidance Software, in a press release. “We see this reflected in the data on the frequency of attacks, costs of a breach and more. Enterprises are beginning to realize that compromise is inevitable, so they need to ensure that they have a complete strategy that includes costs for prevention and deep detection and response tools. In other words, a growing number of enterprises recognize they live in a world of continuous compromise and no longer have to fear the breach.”

The 3 big takeaways for TechRepublic readers

  1. A new survey, released Thursday by Guidance Software, shows that security breaches are on the rise–while 56% of organizations reported breaches in 2016, 65% reported them in 2017.
  2. Financial losses due to cyber breaches are growing, and the toll is big: For one in five of organizations that reported losses, those losses exceeded $1 million.
  3. As security breaches continue to hit the enterprise, the number of IT professionals who report plans to create formal security teams this year doubled–from 12% in 2016 to 24% in 2017.