Key Takeaways:
Cybercriminals seem to have an infinite amount of funds and ambition to cause havoc, making it a challenge to keep up with them, as revealed in a recent report from Sophos, a global leader in cybersecurity. No one is safe – 94% of organizations suffered a cyberattack in 2022, and every company, regardless of size or revenue, should understand that there’s a target on its back.
The very tools – such as automation – that accelerate the speed of business are being used by bad actors to deploy a range of clever attacks at scale. Defenders cannot keep up, limited by a gap in expertise, almost constant alerts, and time-consuming incident response.
Additionally, 93% of organizations find it difficult to operationalize the detection of threats and response, and you have a cybersecurity environment with a huge impact on business finances, operations, and resourcing.
In this article, we’ll summarize the report's main points, which resulted from input from 3,000 IT/cybersecurity leaders in 14 countries in January and February 2023. You can also check out a quick summary video of this report by clicking here!
Data is the lifeblood of modern organizations, and the top concern is data exfiltration – theft or removal of data, and misconfiguration of security tools is the number one perceived risk. In addition, the study reported
There’s also a personal toll – 57% of IT professionals reported they lose sleep worrying about cyberattacks. Other than data theft, phishing, ransomware, cyber extortion, DDoS, business email compromise, and active adversaries are the top concerns.
We cannot ignore that cybercrime is a reality and its increasing sophistication. The cybercrime economy is thriving, and the barriers to entry for would-be criminals have been lowered by the growth of the “as a service” model. This includes access-as-a-service, phishing-as-a-service, and scamming-as-a-service.
Active adversary attacks have become more common. These bad actors adapt their tactics, techniques, and procedures (TTPs) using real-time, hands-on-keyboard responses not only to defeat cybersecurity technology but to evade detection. This type of attack was experienced by 23% of respondents in 2022
Endpoint, firewall, and other security control misconfigurations are a concern, followed by zero-day attacks and a lack of in-house cybersecurity expertise. The report points out the direct relationship between a skills shortage and the misconfigurations that create defense gaps.
And of those threats that bypass defenses, fewer than half of security alerts are investigated, per the report, due to the need for cybersecurity-savvy staff. This lack of expertise means that 75% of IT professionals find identifying the root cause a significant challenge.
In their State of Ransomware report, Sophos places the average ransomware remediation at $1.4 million. This includes cleanup costs, but those aren’t the only impact – the hourly resource cost for every security alert investigation, considering the salary of an IT security specialist, is quite high. And burnout is a significant issue, adding more tasks to already full IT plates.
Cyberthreats are now too advanced for their company to deal with without outside help, according to 52% of IT professionals. This number rises to 64% for small businesses with 100-250 employees. This is brought home by the business impact: more than half of respondents say handling cybersecurity threats negatively impacts work on other projects.
The solution lies in a sophisticated, experienced, and dedicated cybersecurity MSP partner like Endsight, Sophos’ MSP Partner of the Year. We:
Endsight is an acknowledged leader in cybersecurity. In addition to our Sophos award, Year after year, we’ve won a CRN Managed Service Provider 500 award in the Security 100 category.
We excel in providing complete technology support solutions that create optimal IT management along with human-friendly technical support with cybersecurity experts that keep you one step ahead of attackers.
Our core values not only bring peace of mind regarding cybersecurity protection – we offer an honest partnership, commitment to your long-term success, and unparalleled, dependable service. Reach out today.
Last year, 94% of organizations suffered a cyberattack. You’re next. Don’t risk everything – build a strong defense with the experts at Endsight. Learn more about cybersecurity with our training resources and then book a free assessment.