93 per cent of organisations find cyber war challenging
• 3 out of 4 struggle to identify causes of malicious attacks
About 93 per cent of organisations find the execution of some essential security operation tasks, such as threat hunting, challenging.
The findings ate contained in ‘The State of Cybersecurity 2023: The Business Impact of Adversaries on Defenders’, a new study by a cybersecurity service firm, Sophos.
The firm said that the challenges before firms include understanding how an attack happens, with 75 per cent of respondents saying they have challenges identifying the root cause of an incident.
Sophos, in the global survey, noted that the challenges make proper remediation difficult, leaving organisations vulnerable to repetitive and/or multiple attacks, by the same or different adversaries, with 71 per cent of those surveyed also reporting challenges with timely remediation.
Also, 71 per cent said they have challenges understanding which signals to investigate.
Field Chief Technical Officer, Commercial, Sophos, John Shier, said: “Only one-fifth of respondents considered vulnerabilities and remote services a top cybersecurity risk for 2023, yet the ground truth is that these are routinely exploited by Active Adversaries. This cascade of operational issues means that these organisations aren’t seeing the full picture and are potentially acting on incorrect information. There is nothing worse than being confidently wrong. Having external audits and monitoring helps eliminate blind spots. We can look at you the way an attacker does.”
The report equally revealed that 52 per cent of organisations surveyed said that cyber threats are now too advanced for their organisations to deal with on their own, while 64 per cent with the IT team could spend more time on strategic issues and less time on firefighting.
Also, 55 per cent said that the time spent on cyber threats has impacted the IT team’s work on other projects.
“Today’s threats require a timely and coordinated response. Unfortunately, too many organisations are stuck in reactive mode. Not only is this having an impact on core business priorities, but it also has a sizeable human toll, with over half of respondents stating that cyberattacks are keeping them up at night. Eliminating the guesswork and applying defensive controls based on actionable intelligence will let IT teams focus on enabling the business instead of trying to douse the eternal flame of active attacks,” Shier said.