Businesses are understanding the value of cybersecurity and seeing the need to invest more extensively in it since threats are developing so swiftly. Businesses must work to ensure that their defenses enable them to always be one step ahead of cybercriminals, but the frequency with which data breaches are publicized reveals that many companies are finding it difficult to keep up with the pace. IT leaders need to understand how hackers are getting past security in order to know how to keep their organizations secure. As a result, they are better equipped to choose the security solutions that will provide them with the highest return on security investment.
Recently, Keeper Security conducted a survey to learn more about how cybersecurity is evolving and where organizations are spending money on cybersecurity products. Keeper’s 2022 U.S. Cybersecurity Census Report contains the results of a survey that was given to 516 American IT decision-makers. The research goes in-depth on the risks that businesses face and the tactics they can use to better handle cyber threats and keep a step ahead of the threat actors attempting to enter their networks. According to the survey, businesses are conscious of the importance of cybersecurity. The results showed that 71 percent of businesses have made new cybersecurity jobs in the last year. However, even with the additional staff, businesses continue to worry that they won’t be able to keep up with the rapidly changing cyber threat landscape. Additionally, the survey provided evidence of how cyberattacks are affecting businesses. 31 percent of businesses confirmed they had suffered from a cyberattack that successfully disrupted operations. The same proportion had stated that the attacks resulted in theft of confidential information. Furthermore, nearly a quarter of respondents claimed that attacks disrupted trading and commercial activities as well as the supply chain. Businesses are suffering a significant financial effect as a result of these attacks. Successful attacks cost firms $75,000 per incident on average, with roughly 40 percent of businesses reporting that the cost to handle an attack exceeded $100,000.
Despite the high level of confidence in cybersecurity defenses, the survey found a lack of essential tools in the technology used by businesses to defend against attack. Nearly one-third of companies lacked a platform for managing IT secrets including API keys, database passwords, and privileged credentials. Hard-coded credentials in source code was a concern for 84 percent of respondents, yet only a quarter of the organizations had the software available to remove them.
The survey found the main areas where businesses intend to invest considerably over the next year include security awareness, password management, infrastructure secrets management, and password authentication. Despite the importance and effectiveness of the zero-trust strategy, only around a third of businesses stated their intention to implement the security measure. While it is reassuring to observe so many businesses placing a high focus on cybersecurity, the survey found that many businesses were not being transparent about the breaches they experienced. 48 percent of IT executives admitted to knowing about a cyberattack but kept it to themselves. Keeper Security has asked businesses to be truthful about their cybersecurity. “Without a culture of trust, accountability, and responsiveness, cybercriminals will thrive.”