The latest data from 1,200 IT organizations shows organizations seeing attacks as inevitable and, for some industries, successful compromise as even more a given.
The 6th annual Cyberthreat Defense Report, tech marketing agency Cyber Edge provides us with a glimpse into the minds of IT organizations everywhere. According to the report, IT organizations remain concerned about the same issues, with no end in sight:
- Malware
- Phishing Attacks
- Ransomware
- Account Takeover / Credential Abuse
These methods of attack are nothing new, which raises the question why are these kinds of attacks still happening? According to the report, most organization face the very real likelihood of being compromised (not just attacked – compromised) in the next 12 months. Industries like Education and Retail face a nearly 75% likelihood of compromise – something that simply can’t be ignored.
So, what’s keeping organizations from establishing an effective defense?
According to the report, the top three barriers are:
- Too much data
- Lack of skilled personnel
- Low security awareness among employees
It should be noted that skilled personnel and security awareness tied for second place. What’s interesting is that by addressing low security awareness – which reduces the attack surface and likelihood of successful attack – there’s less need for skilled security personnel and less need to sift through data to make sense of potential attack behaviors.
By adding Security Awareness Training to the strategy, organizations can add the user in as another layer, helping to identify and stop attacks before they begin. By educating users to be security-minded when surfing the web and interacting with email, they can reduce the likelihood of successful attack by not engaging in scams, clicking malicious links, or opening unknown attachments.
The report makes the point that organizations are aware of the problem. It’s time to do something about it that will be effective and have an impact in the fight against cyberattack.