BUCHAREST, Romania, Oct. 1, 2019 /PRNewswire/ -- Six in every ten businesses have experienced a breach at some point during the last three years, with a quarter of infosec professionals reporting they had already suffered a data breach halfway through 2019 according to recent research from Bitdefender. What's more, at least a third of infosec professionals (36%) whose employers had not been a recent victim of a cyber attack believe they are likely facing one without knowing it.
These findings, and more, are revealed today in Bitdefender's global Hacked Off! Study and related infographics, which explores, in detail, the pressures faced by infosec professionals, how these impact the effectiveness of security measures, and analyzes the best strategies to keep organizations safe. The study takes into account the views and opinions of more than 6,000 infosec professionals, across the UK, US, Australia, New Zealand, Germany, France, Italy and Spain. Respondents represent a broad cross-section of organizations from fledgling SMEs, through to publicly listed 10,000+ person enterprises in a wide variety of industries, including finance, government and energy.
Threats are heating up, the pressure is high, and sleep low
Infosec professionals are acutely aware of the risks their organizations face. More than half (58%) worry about organizational readiness in the face of a global cyberattack and 49% are losing sleep over it. And the C-suite does little to ease their anxiety. While more than a third of respondents report a lack of cybersecurity understanding from general employees, more disconcerting is the lack of cybersecurity support at the most senior levels. C-suite support is minimal, with as many as 57% of infosec professionals revealing that key executives are the least likely to comply with organizational cybersecurity policy — either pushing back on, or completely disregarding the rules.
Stress levels remain high as infosec professionals continue to suffer from breach fatigue. On average, more than half (53%) of endpoint detection and response alerts are false alarms, and 49% of infosec professionals say their team experience both alert and agent fatigue. Stress is compounded by the belief that 73% of respondents think their organization is more at risk of a cyber attack because they are under-resourced. This is higher (78%) for respondents at companies employing more than 1,000 people.
"According to respondents, resources are such a stressor that 53% of infosec professionals have contemplated leaving their job due to under-resourcing in terms of staff. Resources are in fact such a bugbear that infosec pros say the main obstacles to their organizations' strengthening their cybersecurity posture are a lack of budget and a lack of skilled personnel," comments Liviu Arsene, Global Cybersecurity Researcher at Bitdefender.
There's a need for speed, and grave consequences for being slow off the mark
There is a desperate need for the speed of response to increase. Almost one in three infosec professionals (29%) reveal that it would take a week or longer to detect an advanced cyber attack, and only three in every one hundred reported that 100% of advanced attacks can be efficiently detected and isolated. For three in every ten companies (31%), the figure is less than half, suggesting there is vast room for improvement. Respondents anticipate the fallout from being unaware of an on-going breach would be 'business interruption' (43%), 'reputational cost' (38%), and a 'loss of revenue' (37%). However, what's most concerning to infosec professionals is the loss of customer trust. More than a third (37%) say it is their biggest concern.
There is hope, and solutions aplenty
Despite the need for improvements, 57% of infosec professionals rate their organizations' cybersecurity either very good or excellent.
Arsene concludes, "Poor cybersecurity is an undeniable threat to businesses today. From the loss of customer trust to the impact on the bottom line it is critical for infosec professionals to get it right.
"Our advice would be to focus on critical areas of improvement. The Hacked Off! Study reveals that infosec professionals believe that the main drivers for boosting their organizations' cybersecurity profiles are improving data protection, and faster detection and response capabilities. In addition, respondents suggest investments also need to be made into more effective ways of detecting cyber threats, with 'network traffic analysis', and antimalware technology topping the list. And interestingly, they reveal EDR should not be discounted, with seven in ten infosec professionals believing that EDR can help prevent future attacks."
Bitdefender is a global cybersecurity leader protecting over 500 million systems in more than 150 countries. Since 2001, Bitdefender innovation has consistently delivered award-winning security products and threat intelligence for people, homes, businesses and their devices, networks and cloud services. Today, Bitdefender is also the provider-of-choice, used in over 38% of the world's security solutions. Recognized by industry, respected by vendors and evangelized by our customers, Bitdefender is the cybersecurity company you can rely on www.bitdefender.com.