Survey reveals companies hit with cyber attacks likely to face repeated onslaughts
Other findings: Medium companies suffer more business-impacting damage and for longer periods than larger companies.
78% of companies affected don’t publicly report their breaches.
New York, and Tel Aviv, (June 15th, 2022) – Cymulate, the Extended Security Posture Management market leader, announced today the results of a survey, revealing that two-thirds of companies who have been hit by cyber-crime in the past year have been hit more than once, with almost 10% experiencing 10 or so more attacks a year. Research taken from 858 security professionals surveyed across North America, EMEA, APAC and LATAM across a wide range of industries including technology, banking, finance, and government, also highlighted larger companies are experiencing shorter disruption time and damage to business with 40% reported low damage compared with medium-sized businesses (less than 2,500 employees) which had longer recovery times and more business affecting damage. Other highlights include:- 40% of respondents admitted to being breached over the past 12 months.
- After being breached once, statistics showed they were more likely to be hit again than not (66%).
- Malware (55%), and more specifically ransomware (40%) and DDoS (32%) were the main forms of cyber attacks experienced by those surveyed.
- Attacks primarily occurred via end-user phishing (56%), via third parties connected to the enterprise (37%) or direct attacks on enterprise networks (34%).
- 22% of companies publicly disclosed cyber attacks in the worst-case breaches, with 35% needing to hire security consultants, 12% dismissing their current security professionals and 12% hiring public relations consultants to deal with the repercussions to their reputations. Top three best practices for cyberattack prevention, mitigation and remediation include multi-factor authentication (67%), proactive corporate phishing and awareness campaigns (53%), and well-planned and practiced incident response plans (44%). Least privilege also ranked highly, at 43%.
- 29% of attacks come from insider threats – intentionally or unintentionally.
- Leadership and cybersecurity teams who meet regularly to discuss risk reduction are more cybersecurity-ready – those who met 15 times a year incurred zero breaches whereas those who suffered six or more breaches met under nine times on average.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe