As businesses see more employees working remotely, deploy more services in the cloud and use a wider range of applications, they create complexity that increases the risk to their IT infrastructure and services.
The combination of these factors help to explain the growing reports of attacks, with nearly two-thirds (63%) of IT professionals reporting between 1 and 50 cyberattacks between 2021 and 2022, and almost 10% seeing over 251 incidents against their systems.
With every business a potential victim of a cyberattack, IT leaders need to ensure that the typical tools such as the latest firewalls, malware detection and virus checkers are supported by cloud-facing applications. These include cloud security posture management (CSPM) and cloud access security broker (CASB) solutions, backed up by strong compliance and governance efforts to protect the business at every step.
What cybersecurity challenges are businesses facing in 2023?
For business and IT leaders, typical malware attacks are no longer the only type of attack businesses need to be thinking about, even though this is the greatest challenge for 64% of respondents. Most are focused on delivering strong cloud security (57%) and preventing insider attacks (17%), which highlights the broad spectrum of protective services and tools required to identify breach attempts.
51% of IT professionals are focused on phishing and social engineering attacks that target the user as the weak point, and while many CIOs focus on the technical protection of the business, users must be trained to identify threats that can come through email, messaging, deep-faked voice or video calls and other methods in increasingly sophisticated efforts to access login details or steal directly by deception from business accounts.
With an increasingly mobile workforce, the long-serving laptop remains the most vulnerable endpoint (73%), but beyond tablets, mobile devices and desktop computers, the more portable threat of a USB stick or device remains a security risk for 28%.
Despite all this, 64% of IT professionals consider their cybersecurity posture secure while 23% consider their posture as very secure. This is further supported with 56% of respondents able to identify, respond and contain an incident within 24 hours. But in a landscape of increasingly automated attacks, those who take longer than a day will find their businesses likely compromised.
For any business, the key to reducing the overall risk of a breach is to shorten the time to identify and mitigate any intrusion. This is achieved through software that automatically detects and alerts staff of new threats, ensuring all endpoints are secured and workers are trained in identifying the risks they face.
Large organizations (1,000 to 4,999) are the least responsive with only 45% catching intrusions within 24 hours, and the largest segment (7.9%) taking more than 5 months.
Access the Enterprise Security Research Report
For more detailed insights into the current state of enterprise security, including the challenges around remote/hybrid working, how businesses are managing data protection and security as well as their top security priorities for the next year, download the report today.
Access the latest business knowledge in IT
Get Access
Tech Insights for Professionals
Insights for Professionals provide free access to the latest thought leadership from global brands. We deliver subscriber value by creating and gathering specialist content for senior professionals.
Comments
Join the conversation...