A new study by Trend Micro finds that 54 percent of organizations worldwide are dissatisfied with the maturity of their cyber risk assessment capabilities. This is accompanied by an increased risk of becoming a victim of ransomware, phishing and other threats.
Respondents also indicate that complex technical systems and a lack of managerial awareness exacerbate the problem. 32 percent of German IT and business decision makers surveyed by Trend Micro say they have difficulty assessing risk when managing their digital attack surface. As a result, 87 percent of respondents feel at risk from phishing attacks, closely followed by ransomware (86 percent) and cloud infrastructure failures (83 percent).
risk level of the company
The difficulties that companies have when assessing risk also leaves their boards in the dark: 51 percent of IT decision-makers see a challenge in quantifying the level of risk in the company for the management level. Only 4 percent believe their board currently fully understands cyber risk. This is an opportunity for companies to consult external expert knowledge.
41 percent of respondents have already invested in a platform-based approach to attack surface management in their organization, while nearly half (49 percent) say they plan to do so in the future. Those who already have a cybersecurity platform in use see better transparency (32 percent), reduced costs (31 percent) and faster attack detection and response (31 percent) as advantages.
Classification of the hazard too complex
Many German companies (27 percent) still map the attack surface manually. 29 percent report complexity problems due to the presence of multiple tech stacks. This could explain why only part of the respondents are able to comprehensively present the following aspects of their risk assessment:
- Action plans to prevent exploitation of specific vulnerabilities (47 percent)
- Impact of a security incident in a specific area (46 percent)
- Industry benchmarks (43 percent)
- Frequency of attack attempts (43 percent)
- Attempt Attack Trends (39 percent)
- Risk rating of individual assets (37 percent)
“We already know from numerous customer discussions that companies are concerned about a massively grown and opaque digital attack surface. The study results also show that they also urgently need help with cyber risk assessment,” says Richard Werner, Business Consultant at Trend Micro. “In many cases, the challenge is exacerbated by individual solutions used in a silo-like manner. A comprehensive platform approach, on the other hand, provides the required level of security.”
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.