It’s been a tough time for cybersecurity professionals, and not just because of the financial belt-tightening underway at many companies. Even as organizations are economizing on everything from desk space to free coffee — and sometimes on cybersecurity, too — cyber threats are consistently getting worse. Seventy-six percent of respondents to a survey in the U.S., Canada, U.K., Australia and New Zealand said their organization suffered at least one cyberattack in 2022 — up from 55% in 2020. And no one expects the threat landscape to improve this year.
The reasons more and more organizations are getting hit are twofold: first off, attackers are more sophisticated, organized and well-compensated when they succeed. Many enjoy state sponsorship. Nation-state cyberattacks doubled in 2022, according to Microsoft's Digital Defense Report 2022. Yet secondly, and perhaps most importantly, most organizations are not nearly as ready for cyberattacks as they think they are — despite all their not-insignificant investments in preparation.