Only 60 percent of decision-makers believe that their own security team can correctly assess the risk posed by attacks. On the other hand, 41 percent believe their team can detect an incident within minutes.
In many cases, decision-makers at companies in Germany doubt the capabilities of their IT security team, as the current Kaspersky study “Incident Response for Prevention – Why companies in Germany are poorly prepared for cyber attacks and how they can become more cyber-resilient with incident response methods” shows.
Almost a fifth of companies rely on Zero Trust
Zero Trust is a security principle under which no action is trusted by default. It is a comprehensive measure that companies can use to protect themselves from both internal and external threats. A fifth of companies in Germany have recognized this: 18.0 percent rely on Zero Trust to prevent cybersecurity incidents. While decision-makers have confidence in the capabilities of technology, this does not necessarily extend to the capabilities of their own security team.
According to the latest Kaspersky survey, four out of ten decision-makers lack confidence that their security team correctly assesses the risks posed by a cyber attack. The same doubt appears when it comes to identifying and prioritizing security incidents, isolating affected systems and securing them through backups:
- Only 56.5 percent trust their team to correctly identify and prioritize vulnerabilities and risks.
- Just 50.5 percent trust that the team can isolate affected systems.
- Less than half (49.0 percent) believe that their team is able to perform backups correctly.
Decision makers confident: detection and elimination of attacks possible in minutes
If there is a security gap, a cyber incident or a targeted attack on a company, a quick response is important. If a company reacts promptly, the consequences can be minimized. While there seems to be a lack of trust in one's own security team, there is great confidence in the speed with which a security incident can be detected in one's own network:
- 41.5 percent expect detection within a few minutes,
- 40.5 percent assume a few hours.
Similar confidence can be seen when it comes to containing attacks or eliminating malware: 25.0 percent of decision-makers believe that this can be done within minutes. However, cybercriminals' advanced and constantly evolving methods, as well as their ability to disguise their intentions, make quick identification unlikely. Kai Schuricht, Lead Incident Response Specialist at Kaspersky, does not share the decision-makers' confidence. Based on his many years of experience, he states: “It’s more than sporty!”
Malware identification usually takes over a year
This is also borne out by the results of the Kaspersky Incident Response Analyst Report: in most cases where the initial access was not identified, discovery takes over a year. Only attacks via malicious emails, stolen credentials or external applications could be detected within hours or days in more than half of the cases.
About Kaspersky
Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/