Cyberattacks on the Rise, Report Finds

In the past 12 months, 85.5% of respondents in the finance industry experienced a successful cyberattack, according to the CyberEdge’s annual Cyberthreat Defense Report (CDR).

“The last year has been enormously challenging, both personally and professionally, on so many levels. When the world was turned upside down by the COVID-19 pandemic, cybercriminals exploited the situation in many ways. Phishing campaigns, deceptive domains, and malicious apps are just a few of the tactics employed to convert pain into profit,” CyberEdge said.

This year’s report is based on survey results obtained from 1,200 qualified participants hailing from 17 countries across six major regions.

According to the findings, the percentage of organizations experiencing a successful cyberattack rose 5.5% this year, the largest increase in six years.

When CyberEdge launched the first CDR in 2014, 62% of organizations were compromised by successful cyberattacks. 

“Just over 86% of our responding organizations experienced at least one successful cyberattack within the preceding 12 months, with about four in 10 organizations experiencing six incidents or more,” CyberEdge said.

“We believe this surge is due in large part to the dramatic rise in BYOD (bring your own device) policy adoptions and a massive increase in third-party risks.”

The COVID-19 pandemic has sparked more interest in cloud-based IT security solutions than ever before. 

“In our 2020 CDR, respondents indicated that 35.7% of their collective security applications and services were delivered via the cloud. This year, that figure has risen to 40.6%, which equates to nearly a 14% increase in just 12 months.”

For the first time since CyberEdge began tracking this statistic four years ago, the percentage of a typical IT budget spent on security has remained flat (at 13%) rather than rising. 

And for the first time in its eight-year CDR history, the percentage of organizations with rising security budgets has fallen (from 85% to 78%) and the average security budget increase has also declined (from +5% to +4%). 

Meanwhile in the U.S., average IT security budgets are rising by 3.8% this year, just under the +4.0% global mean. 

“So, overall IT security spending is still rising, but at a slower pace than usual,” the report said.

Eight years ago, 38% of CDR respondents felt that it was more likely than not that their company would be compromised by a successful cyberattack in the coming year. 

“Sadly, eight years later, that number has doubled to 76%,” CyberEdge said. 

Of the 12 classes of cyberthreats tracked each year, concern for malware has been atop the list for six straight years with a score of 4.04.

The next two classes of cyberthreats – ransomware (3.99) and phishing/spear-phishing attacks (3.99) – have appeared in the top three for the last four years. 

The survey data confirms the overwhelming preference of organizations for security products that feature Machine Learning (ML) or Artificial Intelligence (AI). 

“Machine learning and artificial intelligence algorithms in cybersecurity products are here to stay. We think this preference will continue to feed an ever-stronger trend toward greater use of ML and AI across more-comprehensive security data sets.”

“Mitigating today’s cyberthreat risks takes more than investing in the right technologies. You must ensure those technologies are deployed optimally, configured correctly, and monitored adequately to give your organization a fighting chance to avoid being a front-page news story,” CyberEdge said.