50% of companies suffer repeat attacks by the same hackers
September 2021 by Atlas VPN
According to the data presented by the team of Atlas VPN, 50% of businesses worldwide have experienced recurring attacks from the same hackers, with companies in the United Kingdom suffering the most.
What is more, out of the businesses that experienced repeated attacks, a whopping 61% of them did not remediate the breaches, leaving the companies vulnerable to any further attacks.
Companies in the UK have had the most cybersecurity incidents — 55%, followed by organizations in North America (50%), Europe (49%), and Latin America (48%).
The top five security threats affecting organizations are cloud vulnerabilities (65%), denial of service attacks (60%), phishing and social engineering attacks (52%), malicious insider threats (45%), as well as DNS-based attacks (44%).
Low-value security alerts and shortage of staff are the main security challenges for organizations
As cyber attacks are growing more sophisticated, breaches are becoming everyday events rather than worst-case scenarios. But what are the challenges that organizations face when dealing with cyber incidents?
The number one challenge of survey respondents is that their systems generate too many low-value security alerts. When security analytics systems cannot effectively prioritize alerts, it wastes the team’s time by asking it to clear low-value alerts while highly important alerts linger at the bottom of the queue. Therefore, 69% of companies see it as a significant challenge.
Shortage of staff is another prevalent issue. In total, 60% of companies have a shortage of in-house expertise that could utilize security technologies, 56% say they lack the staff to pick up the workload, while 53% lack employees or skills to deliver lasting data-driven outcomes.
Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation:
“As long as organizations do not address existing vulnerabilities and security issues, they risk being hit by cybercriminals again. Organizations should prioritize internal processes that they can control over external security risks that they cannot. ”