Cyberattacks: Why The Response Time In Companies Is Far Too Long

Deep Instinct asked cybersecurity experts about  current cyber threat landscape. The excellent result: the response time to a cyber attack. For the second edition of the semi-annual report “Voice of SecOps” by Deep Instinct, provider of a deep learning framework for cybersecurity, security experts worldwide were asked about the current cyber threat situation. One of the report’s key findings is that the global average response time to cyberattacks is 20.9 hours. That corresponds to more than two working days. Ninety-two per cent of the surveyed cybersecurity experts in companies state that they need an average of at least six hours to react to a security incident.

Cyberattacks: Cyber ​​Security Threats From Within

Given the delay with which security teams often react to an attack, 87 per cent of those surveyed were unsure whether it was even possible to prevent the constant waves of cybercriminals. In addition, security professionals cite internal threats as a persistent risk. Eighty-six per cent of respondents fear that their employees will click on malicious links. And thereby could cause an attack or a security breach. Forty-four per cent of cybersecurity experts in companies stated that they see the greatest obstacle to preventing malware from entering their networks because insufficiently trained personnel are available to carry out more preventive measures.

The new Deep Instinct survey follows the first report from July 2021, which found that 83 per cent of cybersecurity experts surveyed worldwide were dissatisfied with the current EPP and EDR solutions and expected better solutions. Forty-two per cent of companies are now planning to increase their investments in Endpoint Detection and Response (EDR) technologies.

Various Challenges From Cyber Attacks

The danger of ransomware and other malware is far from over. But there are other significant challenges that security experts have to face, according to the findings of the global survey.

Concerns About Coping With Cyberattacks:

• Forty-four per cent of security professionals are concerned about the lack of specific threat defense for never-before-seen malware.
• Forty per cent fear a growing persistence on the part of threat actors who discreetly maintain long-term access to systems to launch large-scale cyber attacks despite interruptions such as reboots or changed login data.
• Thirty-five per cent of those questioned complain about the lack of qualified SecOps staff. According to security experts, this poses a challenge to responding to incidents, particularly in the healthcare sector (52 per cent) and the public sector (55 per cent).

Complete Security Of Endpoints Can Hardly Be Achieved:

• Ninety-nine per cent of respondents believe that at least one endpoint agent protects not every endpoint in their organization.
• Thirty-two per cent of respondents believe that each endpoint has the same level of protection. A majority of 60 per cent say they are unable to block threats on all endpoints.

Cloud Storage And Malicious File Challenges Include:

• For 80 per cent of those surveyed, files stored in the cloud represent an uncontrolled security gap.
• Sixty-eight per cent of respondents are concerned that other employees may unwittingly upload malicious files and compromise environments.

Cyberattacks: New Hope For Security Professionals

But there are silver linings on the horizon for security professionals, especially in the technology and financial services sectors. Technology respondents were optimistic about efforts to combat cyber threats. Twice as often as respondents in other sectors thought that malware prevention was possible.

The financial services industry is at the forefront when it comes to incident response time. Because here, incidents are reacted to almost four hours earlier than in other branches of the economy. Two-thirds (66 per cent) of all respondents believe that it will be possible to prevent threats from entering their company’s network in the next two to five years.

In addition, 59 per cent of respondents are optimistic about the implementation of prevention and response. Companies are placing increasing emphasis on prevention (57 per cent) and detection (62 per cent). With automatic threat detection and prevention, security teams can focus on the most pressing issues. And are not inundated with constant warning messages.

ALSO READ: IT security: 6 essential trends in 2022