Ransomware takes backseat to data theft as protection of sensitive data keeps IT professionals awake at night
September 2023 by Integrity360
Integrity360 has announced findings from independent research into the cybersecurity threats being faced, the volume, and the challenges with incident response. The survey of 205 IT security decision makers was conducted between 9th-14th August 2023, and highlights their principal cybersecurity threats and concerns, with over half of the respondents (55%) citing data theft as the biggest concern, with ransomware taking third place (29%) after phishing (35%).
On further break down of the findings, CIOs (30%) and CTOs (33%) surveyed also ranked APTs (advanced persistent threats) and targeted attacks as a bigger concern than ransomware (28%, 33%). As APTs are generally established to deliver objectives with national-level implications such as espionage or destruction of infrastructure, it’s no surprise that as these threats continue to mount, the emphasis on ransomware, whilst still an ongoing concern, is lessening relative to other threats.
Furthermore, APTs and targeted attacks were cited by almost 20% of respondents as the fourth most frequent cybersecurity incident, ahead of ransomware (15%) which was ranked amongst one of the least common incident being seen by businesses.
Data theft (27%) was the second most common cybersecurity incident being seen within businesses, topped only by phishing (46%). This correlates with the mounting concerns around data theft and the increasing need to protect sensitive data which emerged as the top cybersecurity challenge keeping professionals awake at night (48%). This was closely followed by managing risk and compliance (28%) and defending identities (26%) which can be explained due to increasing regulation around cyber security and the role of identity as an increasing attack vector in the world of pervasive remote and hybrid working.
Ransomware (25%) was ranked fourth amongst the challenges causing sleepless nights, likely due to the increased awareness surrounding backups, making ransom attacks less rewarding, whilst data theft alone, can have dire consequences in terms of reputational damage, hefty compliance fines and potential loss of IP, to name a few. This is not withstanding the fact that ransomware commonly has a data theft component to it, so is no longer just encryption, something that may not be topmost in everyone’s mind.
Of the cyber security challenges keeping IT security decision makers awake at night, CIOs (30%) were kept awake more than information security analysts (14%) and CTOs (18%) thinking about security consolidation, a responsibility that lies heavily with them as they battle to amalgamate the mass of security tools being introduced to defend against growing threats. Infosecurity analysts, however, ranked securing cloud environments (31%) as their second biggest nightmare keeping them awake at night.
Brian Martin, Head of Product Development, Innovation and Strategy at Integrity360 commented -“IT environments have become increasingly complex with many enterprises now employing multi-cloud strategies and multiple products, which can leave gaps in security, and see businesses paying for underutilised and overlapping tools unnecessarily. Consolidation of cybersecurity architectures can strengthen risk posture, reduce the number of tools and vendors in place, eliminating silos, reducing costs and improving overall security posture.”
Of the 205 IT security decision makers surveyed, a staggering 89% of respondents reported an increase in the volume of security alerts over the past 12 months, with 76% reporting and increase of between 1-50% of alerts. Twenty six percent of those reported a 26-50% increase in alerts, highlighting the mounting pressure on security teams and the incessant threats that businesses are facing.
Martin added - “Businesses are navigating a digital landscape fraught with risks and data theft is clearly weighing heavy on the minds of those tasked with keeping it safe. Whilst the threats continue to increase, and the alerts rise alongside, so too does the pressure on those tasked with keeping business data secure. Enlisting the help of a Managed Security Services Provider (MSSP) can benefit businesses with the expertise, resources, and round-the-clock vigilance needed to protect sensitive data and respond effectively and efficiently to incidents, affording security teams the opportunity to apply their time and resources to other priorities.”
The research also uncovered challenges in incident response (IR), shedding light on budgetary constraints in cybersecurity. Insufficient budgets (31%) were highlighted as the top challenge for effectively responding to incidents, followed by the complexity of incidents (27%) and lack of board-level understanding of IR (27%). A shortage of IR skills, experience and tools (38%) are also seen as being significant hurdles.
“Insufficient budgets can leave organisations vulnerable to attack. Businesses need to prioritise cybersecurity spend to avoid the financial and reputational ramifications that will often outweigh any initial investment in cybersecurity tools and processes. Likewise, being able to respond quickly is vital in the wake of a cybersecurity incident and investing in IR services, training and expertise can make all the difference when responding to a breach or serious incident,” added Martin.
Unsurprisingly, speed was considered the most stressful aspect of responding to a cybersecurity incident as 40% of respondents noted the need to act quickly as being stressful, whilst the sense of responsibility was cited by (31%). Interestingly, the fear of being wrong (24%) ranked higher than difficulty in diagnosing the incident (22%). C-level executives fear being wrong more than information security analysts – perhaps because the fallout from a poor response to a cyber incident could be worse or even catastrophic for them and their career.
The research was conducted by Censuswide, among a sample of 205 IT security decision makers (aged 18+). The data was collected between 09.08.2023 - 14.08.2023. Censuswide abides by and employs members of the Market Research Society and follows the MRS code of conduct which is based on the ESOMAR principles.