Orgs Brace for Breaches as IT Pros Battle Fatigue

The risk of cyberattacks has increased in the last year and 80% of global organizations report they are likely to experience a data breach that impacts customer data in the next 12 months, according to findings from Trend Micro’s biannual Cyber Risk Index (CRI) report.

The report, which measures the gap between respondents’ cybersecurity preparedness and their likelihood of being attacked, also found that 24% suffered seven or more cyberattacks that infiltrated networks/systems, versus 23% in the previous report.

Cloud Computing Among Top Infrastructure Risks

Among the top two infrastructure risks was cloud computing, with many respondents admitting they spend “considerable resources” managing third-party risks like cloud providers.

The top security risks to infrastructure remained the same as last year, and include organizational misalignment and complexity as well as cloud computing infrastructure and providers.

Respondents also identified customer turnover, lost intellectual property and disruption or damages to critical infrastructure as key operational risks for organizations globally.

Jon Clay, vice president of threat intelligence at Trend Micro, noted that in recent years, there has been a shift from trying to stop every attack to assuming you’ve been breached and working towards identifying the breach, minimizing the time an attacker is inside the network and effectively recovering from the attack.

“I believe the respondents of our survey are likely coming to this realization and looking for ways to improve their preparedness for responding to a successful attack,” Clay said.

The main challenges for cybersecurity preparedness include limitations for security leaders who lack the authority and resources to achieve a strong security posture, as well as organizations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure.

The Reality of Fatigue

“The world has been dealing with a global pandemic, which has taken its toll on people, and malicious actors who have taken advantage of the shifts that had to be made by many organizations around their corporate IT environment,” Clay added. “As such, the fatigue is likely very real and so the leaders of these organizations definitely need to deal with their employees feeling defeated and exhausted.”

To combat these concerns, organizations may want to look at a managed service, where the third party has expertise in identifying suspicious/malicious behavior within their networks and collaborating with internal security teams.

“This could help them by increasing the number of experts who are working for them, identifying potential breach activity sooner and help their internal employees feel like they are being supported by the company,” Clay said.

Kevin Dunne, president at security firm Pathlock, admitted companies are becoming overwhelmed by the number of cyberattacks they are facing, as attackers get more courageous and exploit the increasing shift to cloud applications and infrastructure.

“For now, many of the attacks come without consequence, and the cost to prevent the attacks seems to outweigh the cost of a data breach,” he said. “However, that dynamic is beginning to change, as ransomware attacks are beginning to cause multimillion-dollar disruptions to businesses.”

Additionally, he pointed out, privacy regulations like GDPR and CCPA are starting to result in government agencies handing out significant, multimillion-dollar fines for non-compliance.

“Cybersecurity defense fatigue is a real issue,” Dunne said. “As more data is moved to cloud-based apps, there is less protection provided by the network and infrastructure managed and monitored by internal security. App owners and end users are critical to protecting the data and business processes are reliant on these cloud apps. However, they are being bombarded with more security training and onboarding material as the number of threat vectors rises.”

Security Pros Being Vastly Outgunned

Douglas Murray, CEO at Valtix, agreed that while he doesn’t think security professionals are giving up, they are being “vastly outgunned” by the constant waves of attack.

“The transition to public cloud has just made matters worse in creating so many new challenges that their existing on-premises security tools don’t really adapt well to,” he said. “We can combat cyber defense fatigue by enabling the security teams with tools that can truly keep up with the needs of the dynamic environment they are managing.”

Unfortunately, for most organizations, that means a transition to cloud-native tools from a legacy stack that’s holding them back.

“Security professionals are resilient. There’s no doubt that they will always return to the purpose of security, which is to provide business resilience and to ensure that critical data remains secure and confidential,” Murray said. “Tools continue to improve and the ongoing evolution to the cloud will only improve things once organizations embrace cloud-native security.”

Clay said some other initial steps organizations can take are to revisit their cybersecurity strategy and look to shore up their basic cybersecurity hygiene as attackers look to exploit low-hanging fruit—the simple things organizations could be doing.

“Things like patching, hardening administrative accounts, monitoring legitimate tools being used within and enabling many of the advanced detection technologies available to them,” he said. “I’m optimistic that many organizations can implement the small things that could have a dramatic impact on their ability to improve their preparedness against attacks.”

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.
