By Devin Partida, Editor-in-Chief, ReHack.com
It’s hard to believe 2020 is already half over. The attention placed on COVID-19 and how it drastically affected people’s daily lives means this year is an unusual one where time does not seem to pass at a normal pace.
The coronavirus pandemic also impacted cybersecurity, particularly as criminals used virus-related content to urge people to download infected files or donate to nonexistent charities. The workforce shifted, too, with many people working remotely. That new setup introduced challenges for cybersecurity professionals due to the reduced oversight associated with telecommuting.
COVID-19 will undoubtedly affect cybersecurity for the rest of the year, but it is not the only topic deserving of attention. Here are five security statistics professionals should know to shape their decisions for the second segment of 2020.
1. 42% of Professionals Feel Cybersecurity Fatigue
A 2020 report from Cisco found that 42% of the cybersecurity practitioners polled felt cybersecurity fatigue. Experiencing that problem makes them virtually give up on proactively safeguarding against infiltrators.
Then, more than 96% of the people in that group cited challenges with the management of a multivendor environment. They said complexity was the main source of burnout — perhaps because the study indicated the average company uses more than 20 security technologies.
An effective way to reduce complexity and combat security fatigue is to invest in automation when possible. Also, encourage collaboration between applicable teams, such as those involved in networking and endpoint security.
2. 62% of Organizations Are Not Adequately Staffed With Cybersecurity Professionals
ISACA researched the ramifications of the well-known and widespread cybersecurity shortage. One of the related statistics was that 62% do not have enough staff members to meet needs.
The continually understaffed organizations or those having difficulty bringing new members on board felt less confident in their ability to respond to threats than those with enough cybersecurity experts. Some also said they experienced more attacks due to having unfilled positions.
Enterprises that notice the adverse effects of the cybersecurity skills shortage can consider technical tools such as those that use artificial intelligence (AI) to categorize threats. They may also think about hiring consultants to show them where weaknesses exist, giving the businesses valuable starting points for making meaningful improvements.
3. 60% of Organizations Believe Email Attacks Are Inevitable or Likely for Them in the Next Year
Email is such an integral part of everyday life that most people outside of the cybersecurity realm probably don’t see it as a threat. Internet perpetrators know email-based schemes can give them a tremendous reach, along with ample opportunities to customize the messaging and make it appear as from legitimate sources.
An email security report from Mimecast found that 60% of people polled believed their organizations would likely or inevitably suffer from email-centered attacks within the next year. They recognized that lost data and reduced productivity were among the possible consequences of experiencing such issues.
A positive tidbit from the same research revealed that more than three-quarters of respondents were actively implementing cyber-resilience strategies.
Companies that are not yet doing so or have no plans to take such actions may find themselves targeted and struggling to fight back.
4. More Than 90% of Attacks in a Studied Sample Utilized Defense Evasion Techniques
IT security professionals know that malicious actors continually update their methods to increase the chances of pulling off successful attacks.
However, one of the troubling cybersecurity statistics brought to light recently showed that cybercriminals increasingly tweak their tactics to circumvent legacy solutions. Statistics from Carbon Black and VMware showed that more than 90% of the 2,000 samples analyzed indicated the parties tried to avoid defense strategies.
Additionally, such evasion efforts were more common in ransomware attacks, showing up in 95% of the cases studied. The researchers also said the manufacturing, government and energy sectors were at an exceptionally high risk of ransomware problems.
IT professionals should keep these findings in mind as they continually evaluate how to maintain infrastructure security for the foreseeable future. Cybersecurity teams must regularly assess their practices and tools to check for weaknesses cybercriminals might exploit if not corrected.
5. Only 17% of Global Companies Are Cyber-Resilience Leaders
Getting prepared for cybersecurity attacks is not a one-and-done procedure, but an ongoing process that changes as needs require.
Accenture polled more than 4,600 security practitioners at enterprises around the globe to gauge how they prioritize security, how well their current efforts work and the impact of new relevant investments.
From that data, researchers discovered that some companies — identified as cyber-resilience leaders — achieved significantly better results from their investments than peers. However, such enterprises only accounted for 17% of the overall respondents.
The enterprises identified as the top-notch performers in cyber-resilience efforts received impressive payoffs for their dedication. They stopped attacks more often, found breaches faster and minimized the impact of those events compared to those that were not as capable in their practices.
Businesses can start moving in the right direction for the rest of this year by finding their most pressing vulnerabilities and determining the best ways to remedy them.
Crucial Cybersecurity Statistics to Remember
The data mentioned here should give some food for thought to cybersecurity professionals who do not want to become stagnant or poorly equipped for the rest of the year.
Progress often comes when people see evidence of possible shortcomings and become dedicated to fixing them. These statistics could start that all-important process.
Devin Partida is an industrial tech writer and the Editor-in-Chief of ReHack.com, a digital magazine for all things technology, big data, cryptocurrency and more. To read more from Devin, please check out the site.