Only 39% of Breached Companies Can Confidently Identify Source

March 22, 2018

Nearly four in five companies (79%) were hit by a breach in the last year, according to new research from Balabi. The report, titled The Known Unknowns of Cyber Security, also revealed that seven out of ten (68%) businesses expect to be impacted by further breaches this year, with more than a quarter anticipating a breach to occur within the next six months.

The Unknown Network Survey, deployed in the UK, France, Germany and the US, reveals the attitudes of 400 IT and security professionals surrounding their IT security concerns, their experience with IT security breaches, their understanding of how and when breaches occur, and the strategies they’re using to combat hackers.

Knowing your Environment

The majority of businesses know very little about the nature of the security breaches that take place within their organizations. Whilst a high percentage of companies have experienced a breach, less than half of respondents (48%) feel fully confident that they would know if a breach had even happened, meaning that more could have taken place without their knowledge. Furthermore, only 42% of respondents feel very confident about what data was accessed during a breach, and a mere 39% were fully confident that they could identify the source of a breach.

Privileged users, who are granted the most access within an organization, are vulnerable to attack and can open the door to insider threats, leading to internal tension around the development of cohesive security strategies. With half of all security breaches being employee-related, 69% of senior IT professionals agree that an insider data breach is the biggest threat they are facing in network security.

"Attacks are becoming more and more sophisticated and every organization is at risk,” said Csaba Krasznay, security evangelist, Balabit. “Security is no longer about simply keeping the bad guys out. Security teams must continuously monitor what their own users are doing with their access rights, as part of a comprehensive and cohesive security strategy.”

“What’s really alarming, though, is that the majority of businesses know very little about the nature of the security breaches that are happening to them. Many even admit that a security breach could quite feasibly go unnoticed. That’s how loose a grip we’ve got on them, or how little we really understand them. We know about breaches, sure – but we really don’t know enough,” Krasznay continued.

Turning the Security Unknowns into Knowns

The research showed that 80% of respondents agree that educating employees is key to securing the network. The truth is, however, that businesses must aim for a balance between technology and employee education in order to tackle the insider threat, no matter if it is a malicious or accidental threat.

While 83% of businesses agree that technology is effective in preventing breaches, 73% think technology struggles to keep up with security threats. It’s no surprise that there still isn’t a cohesive response to the on-going threat of cybercrime.

The research demonstrates that more often than not, when the threat is unpredictable and already exists within a business, it is essential to create comprehensive security strategies. This should incorporate a balance of both employee education and appropriate security technology. This way, organizations can ensure they understand their environments and are prepared to tackle ever-evolving security threats.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.