Cybersecurity report: companies expect cyber attacks
Commvault the provider of data protection and cyber resilience solutions for hybrid cloud organizations, has released a new IDC report, "The Cyber-Resilient Organization: Maximum Preparedness with Bullet-Proof Recovery Survey," commissioned by Commvault.
In this report, IDC surveyed more than 500 security and IT operations executives worldwide to provide an up-to-date view of how organizations perceive modern security threats and how they are strengthening their cyber resilience. The key findings of this report fall into three areas: Executive level engagement in cyber resilience initiatives, fears of data leaks and vulnerable workloads, and the need for automation.
Does cyber resilience start in the boardroom?
The study shows that in many cases, business leaders are barely involved in their company's cyber resilience initiatives - only one-third (33 percent) of CEOs or managing directors and less than one-quarter (21 percent) of other senior executives are heavily involved. According to the study, the majority (52 percent) of senior executives are not involved in their company's cyber events.
In addition to a lack of executive commitment, there is often confusion between ITOps and SecOps teams about who is responsible for what in terms of preparing for cyber defense. Only 30 percent of SecOps teams fully understand the roles and responsibilities of ITOps in preparing for and responding to cyber attacks. Only 29 percent of ITOps teams know which tasks fall under SecOps responsibilities.
According to IDC, executives have a key role to play in ensuring that organizations prioritize cyberattack preparedness. In addition, organizations must ensure that ITOps and SecOps teams are fully aligned. Otherwise, organizations will be more vulnerable to successful attacks and recovery processes will be more protracted.
Data leaks and workloads
According to the study, data leaks are a big problem and workloads vary in their vulnerability. Sixty-one percent of respondents believe data leaks are "likely" to be "very likely" in the next 12 months due to increasingly sophisticated attacks. Study participants considered on-premises workloads more vulnerable than cloud workloads. On a scale of one to five, with five representing high vulnerability, respondents rated on-premises data stores at 2.8 and physical workloads at 2.77 - higher than cloud workloads (2.67).
Data exfiltration, preferred tactic
The study also shows that data exfiltration attacks - in which malware or a malicious actor performs an unauthorized data transfer - are nearly 50 percent more common than those attacks in which hackers attempt to decode encrypted data. Respondents ranked phishing as the biggest threat to combat. That's because most ransomware attacks start by successfully compromising user account credentials.
Since cyber attackers always use clever tactics, it is very likely that anomalies and successful attacks will be overlooked if IT managers rely on manual detection and reporting procedures. One possible solution would be automation, which would allow attacks and risks to be detected more quickly to mitigate the impact of attacks. However, most companies (57 percent) only automate their key functions to a limited extent. This increases the likelihood that they will miss a threat before it occurs. Only 22 percent of respondents say they have fully automated their operations.
"Cyber attackers never rest and are constantly discovering new ways to exploit vulnerabilities. A truly effective cyber resilience strategy must go beyond mere backup and recovery. It is important that organizations take a new approach that includes prevention and mitigation of damage as well as recovery," said Phil Goodwin, research vice president, Infrastructure Systems, Platforms and Technologies Group, IDC. "Whether on-premises, in the cloud or in a hybrid environment, security managers need to integrate multiple layers of defense. With AI now a tool for both defense and offense, the urgency of comprehensive cyber resilience has never been more apparent."
"Merely responding to cyber threats is a thing of the past. Senior leadership must ensure that teams prioritize proactive defense, real-time risk analysis and robust risk management to pave the way for true cyber resilience," said Javier Dominguez, CISO, Commvault. "It is also critical that SecOps and ITOps teams work closely together to take a holistic, end-to-end view of their security posture. With Commvault, resilience is not an afterthought - it's a blueprint."
Source: www.commvault.com
