Less than half of organizations are equipped with proper cyber defenses to thwart the possible cyber threats. According to the information security firm CyberArk, only 50 percent of the companies have a security strategy in place for DevOps, IoT, and other technologies to cope with security incidents.
More than 50 percent of organizations stated that attackers can break into their network systems and 28 percent of them stated they’ve planned security strategies in the next two years, according to CyberArk’s survey.
The survey findings, from the interviews conducted across various organizations, stated that 78 percent of organizations believe that hackers are the real threat to their critical assets, 46 percent companies stated organized crimes are the reason, and 60 percent of the companies consider their security risks are from external attacks, including phishing and ransomware.
“Organizations are showing an increasing understanding of the importance of mitigation along the cyber kill chain and why preventing credential creep and lateral movement is critical to security,” said Adam Bosnian, executive vice president, global business development, CyberArk. “But this awareness must extend to consistently implementing proactive cybersecurity strategies across all modern infrastructure and applications, specifically reducing privilege-related risk in order to recognize tangible business value from digital transformation initiatives.”
Security researchers stated that Phishing and Ransomware attacks are the most reported types of cyber-attacks on financial services firms. According to the Audit and Consulting firm RSM International in the United Kingdom, around 819 cyber incidents were reported by Financial services firms to the Financial Conduct Authority (FCA) last year.
RSM said that Retail Banks were the most frequently affected by cyber-attacks (486 security incidents) followed by wholesale financial markets (115 attacks), and retail investment firms (53 incidents). In 2018, financial firms reported around 93 cyber-attacks, in which half of these (48 attacks) were phishing attacks while 20 percent (19 attacks) were ransomware attacks.
RSM said the sudden increase in the companies reporting security incidents was due to the introduction of the European Union’s General Data Protection Regulation (GDPR) laws that took effect last May.