New data on the current state of cybersecurity shows that organizations are experiencing challenges, falling behind, and seeing the impact of all this post-attack.
If you’ve read any of the articles I post here, you already know that cybercriminals are constantly improving their game. So are cybersecurity vendors – but what about the orgs themselves? According to SIEM vendor Splunk’s The State of Security 2022 report, organizations simply aren’t keeping up and are experiencing challenges around maintaining a continually protective cybersecurity stance.
According to the report:
- 49% of orgs have suffered a data breach in the last two years – a 25% increase from the previous year
- 51% report experiencing business email compromise – a 21% increase from the previous year
- 79% of orgs say they’ve encountered ransomware attacks
- 40% of orgs have experienced a regulatory violation – a 43% increase from the previous year
- 54% of orgs say the outages experienced were weekly, every few weeks, or monthly
So, why are orgs going in the wrong direction?
According to the report, there are a few reasons:
- Security teams are falling behind – a complex security stack, skilled labor issues and over-focusing on compliance are some of the top reasons
- The threat landscape is becoming more sophisticated – attackers are improving their game, while 64% of orgs say keeping up with security requirements has gotten harder
- Remote workers are still a challenge – according to the report, 65% of orgs have seen a rise in cyberattacks attributable to remote workers
- Ransomware is increasing – 79% of orgs have either fended off or fell victim to a ransomware attack
To remain protected, orgs need to employ every possible means to strengthen their security stance – one that should include empowering users to identify phishing attacks before they can do any damage. This is accomplished using continual Security Awareness Training that educates the user on the need to play a role in the organization’s cybersecurity stance.