Eighty-eight percent of European organizations' risks are internal, according to the 2019 Telstra Cyber Security Report.
Ten percent of European companies reported experiencing weekly occurrences of internal risks, 20 percent reported monthly occurrences and 22 percent said that it happened at quarterly intervals.
More key findings include:
- 27 percent of those who were surveyed said it took days, on average, to identify such unintentional security incidents, while 15 percent said it took weeks.
- 20 percent of companies surveyed experienced security incidents due to intentional employee actions on a monthly basis, and 22 percent said it occurred every six months.
- 46 percent of European respondents surveyed indicated that the level of concern from customers on data privacy has increased over the past 12 months.
- 83 percent of European organizations surveyed spend up to 20 per cent of their overall IT budget on security.
- Human error is the biggest source of concern related to European organizations' security incidents 20 percent.
- Half of European victims (50 percent) who experienced a ransomware attack paid the ransom.
- Security breaches of all types are still extremely prevalent as 64 percent of European organizations suffered at least one security breach in the past year that resulted in a confirmed disclosure.
- Phishing attacks (91 percent), vulnerable unpatched systems (89 percent) and operational technologies such as video cameras and building management systems and malware attacks such as spyware, downloader, adminware (87 percent) are the most popular gateways for attacks. These were followed closely by operational technology attacks, business email compromises and Distributed Denial of Service (DDoS) attacks (85 percent), web application attacks (84 percent), identity theft (82 percent), advanced persistent threat (APT) attacks (80 percent), hacking (79 percent) and ransomware (78 percent).