Kroll, the independent provider of global risk and financial advisory solutions, has revealed in its latest report that organisations experienced an average of five major security incidents in just the last year. But as these attacks and other recent cyberattacks claim reputable victims, how confident are organisations about their cybersecurity measures?
Cyber attacks have dominated headlines in recent weeks, as some of the world’s biggest and richest companies have fallen victim to various hacking groups. The BBC, British Airways, Aer Lingus and Ofcom all had employee payroll information stolen in the recent MOVEit attack, which continues to claim victims.
Even the likes of Microsoft have revealed that the disruptions and outages experienced by its office suite, including Outlook, at the beginning of June were a direct result of cyber attacks. When even the biggest players in the tech world are exploited in some way, how confident can other organisations really be about their safety?
Despite these facts, Kroll’s ‘2023 State of Cyber Defense Report: The False-Positive of Trust’ reveals that 37 per cent of senior security decision-makers still ‘completely’ trust that their organisation is protected and can successfully defend against all cyber attacks. But is this confidence misplaced given the current climate?
Overall, trust in employees to avoid cyberattacks (66 per cent) is ranked higher than the ability of the security team to identify and prioritise security gaps (63 per cent), the accuracy of data alerts (59 per cent), the effectiveness of cybersecurity tools and technologies (56 per cent), and the accuracy of threat intelligence data (56 per cent).
‘There is no ‘one and done’ solution for an ever-changing landscape’
Meanwhile, the report highlights that despite organisations deploying on average eight cybersecurity platforms, the higher the average number of platforms installed, the more cybersecurity incidents organisations have experienced.
This correlation between the number of security tools and the number of security incidents suggests that trusting security tools alone is misguided and that security teams may not fully understand the threats they face. Further, despite a high number of security tools deployed, only 24 per cent have a managed detection and response (MDR) or managed security service provider solution (MSSP).
This confirms that having multiple security tools on a network does not guarantee protection, and without a partner that routinely manages and updates the security monitoring solutions – what an MDR provider would perform – organisations are more vulnerable to threats.
Edward Starkie, associate managing director of cyber risk at Kroll, commented: “To navigate the current threat landscape, trust is imperative. There needs to be trust in teams, trust in technology, intelligence sources, and in suppliers. However, there is a critical balance to be made on how much and where that trust should be placed.
“Further, businesses seem unaware of the importance of continued managed response. Of course, this is understandable considering the sheer volume of data that security teams deal with and the number of cyber incidents businesses tackle daily. Security teams want solutions that will fix today’s problems, without appreciating the fact that there is no ‘one and done’ solution for an ever-changing landscape”.
‘Specialist support will provide the critical viewpoint needed’
Only 23 per cent of businesses have cybersecurity insurance coverage and only 20 per cent of IT and security professionals say their security operations are cyber mature and have cyber insurance.
Outsourcing cybersecurity services is gaining popularity: 98 per cent of those that do not already outsource their cybersecurity services have (or are considering) plans to do so, with 51 per cent intending to do so in the next 12 months. However, 89 per cent of IT and security decision-makers say improvement is needed in the transparency between their security teams and security vendors.
Jason Smolanoff, president of cyber risk at Kroll, said: “To move beyond unsafe assumptions about their cybersecurity and become fully cyber resilient, organisations need to keep up to date on evolving cyber threats, gain an in-depth understanding of what their security tools can defend against and maximise tooling in response.
“Organisations can achieve this by working with a trusted external partner to gain an independent and accurate perspective on their security status. Specialist support will provide the critical viewpoint needed to help businesses avoid internal security siloes and enhance their knowledge with constantly-updated threat insight”.