Article
Cloud & Cybersecurity

Big business suffers global surge in cybersecurity attacks

By George Hopkin
November 22, 2022
undefined mins
A new report indicates 32 per cent of global businesses have suffered a serious cybersecurity breach in the past year, with more incidents expected in 2023

Around a third of global organisations have had customer records compromised multiple times over the past year as they battle “a surging level of risk”, according to a new report.

The findings come from Trend Micro's semi-annual Cyber Risk Index (CRI), compiled by the Ponemon Institute from interviews with over 4,100 organisations across North America, Europe, Latin/South America, and Asia-Pacific.

The CRI calculates the gap between organisational preparedness and the likelihood of being attacked, with -10 representing the highest level of risk. The global CRI index moved from –0.04 in the second half of 2021 to –0.15 in the first half of 2022, indicating a surging level of risk over the past six months.

This trend is also reflected elsewhere in the data: the number of global organisations experiencing a "successful" cyber-attack increased from 84 per cent to 90 per cent over the same period. The number now expected to be compromised over the coming year has also increased from 76 per cent to 85 per cent.

"The CRI continues to provide a fascinating snapshot of how global organisations perceive their security posture and the likelihood of being attacked,” says Dr Larry Ponemon, Chairman and Founder of Ponemon Institute. “The stakes couldn't be higher in the face of stiff macroeconomic headwinds. Respondents pointed to the high cost of outside expertise, damage to critical infrastructure, and lost productivity as the main negative consequences of a breach."

Clickjacking, ransomware and login attacks among top threats

Some of the top risks highlighted by the index report are related to attack surface discovery capabilities. It is often challenging for security professionals to identify the physical location of business-critical data assets and applications.

Respondents said the top cyber threats in the first half of 2022 were business email compromise (BEC), clickjacking, fileless attacks, ransomware and login attacks (credential theft).

The biggest business concern is the misalignment between CISOs and business executives, say the report authors. The question "My organisation's IT security objectives are aligned with business objectives" received an overall score of 4.79 out of 10.

By addressing the shortage of cybersecurity professionals and improving security processes and technology, organisations will significantly reduce their vulnerability to attacks, say the report authors.

"You can't protect what you can't see,” says Jon Clay, VP of Threat Intelligence at Trend Micro. “But with hybrid working ushering in a new era of complex, distributed IT environments, many organisations are finding it difficult to eradicate growing security coverage and visibility gaps. To avoid the attack surface spiralling out of control, they need to combine asset discovery and monitoring with threat detection and response on a single platform."

cybersecurityransomwarerisk
Share
Share
Author
George Hopkin

Featured Articles

Microsoft & Alphabet: AI and Cloud Strategy Driving Success

Tech giants Microsoft and Alphabet are going all in on AI and cloud computing, investing billions to develop powerful models and platforms

Vodafone’s Maria Grazia Pecorari joins Tech & AI LIVE London

Maria Grazia Pecorari, Director of Strategy and Wholesale at Vodafone UK to speak at Tech & AI LIVE London

How Alteryx Aims to Bring Data Analytics Skills to All

With digital leaders citing skills shortages as a major business obstacle, Alteryx has announced partnerships to tackle the data and analytics skills gap

Ivanti’s David Shepherd joins Tech & AI LIVE London

Digital Transformation

Dell Technologies: Firms Expect AI to Transform Industries

AI & Machine Learning

Top 100 Women 2024: Robyn Denholm, Tesla - No. 8

AI & Machine Learning