Prevention is still the main pillar of corporate cybersecurity, says the report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ from Kaspersky Lab. However, if an attack has already come through, detection and response are critical: immediate detection reduces the average cost of recovery more than twice — from $1.2m to $456K for enterprises.

 

In light of recent advanced attacks and epidemic outbreaks like WannaCry and ExPetr, organizations should now be asking themselves ‘what happens when I get hit?’. But with businesses finding it hard to even identify when a security breach has happened, that, according to the report, is an extremely difficult question to answer.

 

Complex attacks and growing uncertainty

 

Cybercriminals, their skillsets and weapons, vary dramatically – from less sophisticated crooks that bully the least protected companies by striking at mass, to advanced military-like groups of hackers that target ‘big prizes’ with multi-layered operations that may not even involve any malware.

 

And while it is relatively simple to escape a bully’s sloppy fists, when encountering a skillful attacker, you should be prepared to take a solid punch.

 

This year’s study reveals that targeted attacks have become one of the fastest growing threats in 2017, increasing in overall prevalence by 11% for large enterprises.

 

It is not only about the quantity of attacks: two-thirds of respondents (66%) in the study agreed that threats are becoming more complex and for 52% it’s becoming difficult to tell the difference between generic and complex attacks.

 

This is becoming a major problem for businesses: they’re starting to realize that a security breach will happen to them at some point (57% compared to 51% last year), but they are still unsure on the most effective strategy to respond to these threats (42%).

 

The scale of the problem is even more worrying as the study showed us that uncertainty is significantly higher (63%) among respondents who are IT security experts and are, therefore, more familiar with the issue.

 

The best incident response mix: technology, people and processes

 

Surprisingly, and despite the high level of uncertainty about their strategies, the majority of companies (77%) believe that they spend enough or even overspend on protection from targeted attacks.

 

This is perhaps due to how threat protection is perceived: threats are sometimes merely seen as a technical problem to be solved through buying and deploying more advanced cybersecurity solutions.

 

A more balanced approach to incident response, however, includes investing not only in the right technologies, but also in people with specific skillsets, and in the right processes.

 

Technology is one of the most important parts in this mix. As the study shows, there is a clear need for security solutions that go beyond prevention and provide a more complete package, also adding a detection and response functionality.

 

For example, 56% of businesses agree that they need better tools to detect and respond to advanced persistent threats (APTs) and targeted attacks.

 

This is especially true, given the fact that detection speed is crucial in reducing the financial impact of an attack. According to the research, in the last year just a quarter (25%) of companies discovered their most serious security incident within a day.

 

However, immediate detection significantly lowers the average cost of recovery – for example from $1.2m for enterprises that take more than a week to detect the threat, to $456K for those that can detect a threat straight away.

 

People are another crucial component. 53% of businesses agree that they need to employ more specialists with specific experience in IT security, namely in SOC management, incident response and threat hunting – a figure that jumps to 61% among enterprises.

 

This is not surprising, as a lack of internal experts increases a company’s exposure to targeted attacks by 15%, and also increases the average financial impact of an attack on enterprises – from $930K to $1.1M.

 

But all in all, to be able to effectively combat complex cyberthreats, organizations also need to think about incident response as a process, not a destination. This means that there’s a need for a comprehensive incident investigation framework, comprised of always-on monitoring, advanced detection and critical security event mitigation.

 

‘Now that companies are starting to realize that cybersecurity breaches are a real risk to their business continuity, it’s time to give incident response the attention it deserves. It can no longer be a small part of the IT security department’s responsibilities, and should instead involve strategic planning and investment at the highest level. For organizations, this doesn’t mean becoming risk-free but it will certainly help to become risk-ready and survive a serious breach when it happens”, says Alessio Aceti, Head of Enterprise Business Division at Kaspersky Lab.

 

To read the full report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ please visit our blog. The full report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ is available here.

 

Kaspersky Lab offers solutions that cover the various needs of enterprise companies related to endpoint protection, DDoS protection, cloud security, advanced threat defense and cybersecurity services. To learn more about our Next Generation enterprise portfolio, please visit our website.


RECOMMENDED ARTICLE FOR TECHWORLD


 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 22 August 2018 2:04 PM | 252 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI.... See More
 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 2:04 PM | 252 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI...See More

PCBG  Writing Staff
Don’t Shoot Me, Shoot the Evil Twin!
Techworld • By: PCBG  Writing Staff | Date Posted: 21 March 2018 2:52 PM | 245 Views
The number of cybercriminals is increasing. Today, we have all sorts of news going on about cyberattacks on businesses and individuals, all having different motives, from political activism, to monetary gain, to downright sociopathic.... See More
PCBG  Writing Staff
Don’t Shoot Me, Shoot the Evil Twin!
Techworld • By: PCBG  Writing Staff | Date Posted: 2:52 PM | 245 Views
The number of cybercriminals is increasing. Today, we have all sorts of news going on about cyberattacks on businesses and individuals, all having different motives, from political activism, to monetary gain, to downright sociopathic...See More

 
IDC Philippines Unveils its Top ICT Predictions for 2017 and Beyond
Techworld Date Posted: 9 February 2017 2:38 PM | 205 Views
MANILA, Philippines – IDC Philippines announced its top predictions for the Philippine ICT industry for 2017 and beyond and predicts 25% of its top 1,000 companies will see majority of their business depend on.... See More
 
IDC Philippines Unveils its Top ICT Predictions for 2017 and Beyond
Techworld Date Posted: 2:38 PM | 205 Views
MANILA, Philippines – IDC Philippines announced its top predictions for the Philippine ICT industry for 2017 and beyond and predicts 25% of its top 1,000 companies will see majority of their business depend on...See More

 
Asia and Middle East a Hotbed of New Threat Actors in Q1, 2018
Techworld Date Posted: 16 April 2018 4:28 PM | 439 Views
During the first three months of the year, Kaspersky Lab researchers discovered a wave of new APT activity based mainly in Asia – more than 30% of Q1 reports were dedicated to threat operations.... See More
 
Asia and Middle East a Hotbed of New Threat Actors in Q1, 2018
Techworld Date Posted: 4:28 PM | 439 Views
During the first three months of the year, Kaspersky Lab researchers discovered a wave of new APT activity based mainly in Asia – more than 30% of Q1 reports were dedicated to threat operations...See More

 
AOC Teams Up with 20th Century Fox for the Exclusive Screening of Kingsman: The Golden Circle
Techworld Date Posted: 25 September 2017 11:37 AM | 204 Views
AOC has partnered with no less than 20th Century Fox for the advanced screening of the much awaited, "Kingsman: The Golden Circle" and arranged a special dinner and programme for the members of the.... See More
 
AOC Teams Up with 20th Century Fox for the Exclusive Screening of Kingsman: The Golden Circle
Techworld Date Posted: 11:37 AM | 204 Views
AOC has partnered with no less than 20th Century Fox for the advanced screening of the much awaited, "Kingsman: The Golden Circle" and arranged a special dinner and programme for the members of the...See More

 
Free YouTube Every Day Promo for Smart, TNT, and Sun Customers Extended until October 31
Techworld Date Posted: 9 August 2018 4:20 PM | 262 Views
Filipino mobile users now have more reason to discover and learn something daily through informative and entertaining videos as PLDT wireless arm Smart Communications, Inc. See More
 
Free YouTube Every Day Promo for Smart, TNT, and Sun Customers Extended until October 31
Techworld Date Posted: 4:20 PM | 262 Views
Filipino mobile users now have more reason to discover and learn something daily through informative and entertaining videos as PLDT wireless arm Smart Communications, IncSee More

 
Silence Trojan: The New Russian-Speaking Hacking Group Hunts for Financial Organizations
Techworld Date Posted: 6 November 2017 4:02 PM | 238 Views
In September 2017 Kaspersky Lab researchers identified a new series of targeted attacks against at least 10 financial organizations in multiple regions including Russia, Armenia, and Malaysia. The hits are being performed by a.... See More
 
Silence Trojan: The New Russian-Speaking Hacking Group Hunts for Financial Organizations
Techworld Date Posted: 4:02 PM | 238 Views
In September 2017 Kaspersky Lab researchers identified a new series of targeted attacks against at least 10 financial organizations in multiple regions including Russia, Armenia, and Malaysia. The hits are being performed by a...See More

 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 8 January 2018 4:30 PM | 311 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.. See More
 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 4:30 PM | 311 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.See More

 
SAP Names Scott Russell President of SAP Asia Pacific Japan
Techworld Date Posted: 20 July 2017 2:31 PM | 193 Views
SAP SE (NYSE: SAP) today announced that Scott Russell has been appointed president of SAP Asia Pacific Japan (APJ). In his new role, Scott will be responsible for growing SAP’s business and presence in.... See More
 
SAP Names Scott Russell President of SAP Asia Pacific Japan
Techworld Date Posted: 2:31 PM | 193 Views
SAP SE (NYSE: SAP) today announced that Scott Russell has been appointed president of SAP Asia Pacific Japan (APJ). In his new role, Scott will be responsible for growing SAP’s business and presence in...See More

 
Fortinet Introduces New Security Automation Capabilities on Amazon Web Services, Expands Fortinet Security Fabric Offerings
Techworld Date Posted: 4 January 2019 1:19 PM | 68 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced the expansion of its Fortinet Security Fabric offerings and new automation capabilities for Amazon Web Services (AWS). See More
 
Fortinet Introduces New Security Automation Capabilities on Amazon Web Services, Expands Fortinet Security Fabric Offerings
Techworld Date Posted: 1:19 PM | 68 Views
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has announced the expansion of its Fortinet Security Fabric offerings and new automation capabilities for Amazon Web Services (AWS)See More


Power by

Download Free AZ | Free Wordpress Themes