Companies that have been the victim of a cyber attack should definitely revise their security strategy because the risk of the hackers striking again within a year is high, as the Data Breaches Survey Report for 2022 shows.
Cybersecurity company Cymulate has released its 2022 Data Breaches Survey Report. It is a global survey of 858 senior decision-makers from around the world and from a variety of industries including technology, banking, finance and government. The results make you sit up and take notice and should prompt those responsible in companies to take action.
Over 60 percent were attacked again
39 percent of those surveyed said they had been the victim of a cyber attack in the past XNUMX months. Given the increase in ransomware and phishing attacks in recent months and years, this number is not surprising. However, it is astonishing that two thirds of the victims had already experienced more than one cyber attack and a tenth even ten or more attacks. So if you feel safe because the first attack is over, you could soon be in for a nasty surprise. As improbable as it sounds, the danger of becoming a victim again increases after the first attack. It doesn't always have to be about repeat offenders. There may well be other attackers exploiting the same vulnerability.
Malware attacks before ransomware
The study also asked about the nature of the attacks. Malware attacks were the most common at 55 percent, followed by ransomware attacks at 40 percent. Furthermore, DDoS attacks and crypto-jacking were given as common attack methods. It is not surprising that phishing e-mails were the most common reason for successful attacks at 56 percent. Exploiting vulnerabilities in digital supply chains and network-connected third-party software came second.
Putting cybersecurity to the test
It is all the more important to put the entire cyber security to the test after a security incident in order to close any gaps as quickly as possible. This is the only way to prevent criminal hackers from being able to gain access again the same way. This includes vulnerability management as well as the introduction of multi-factor authentication for all employees. Awareness of the dangers of social engineering should also be increased among employees, for example through training. A schedule for emergencies, a so-called incident response plan, as well as regular system backups, which are stored offline and separately from the system, also make a significant contribution to security.
At this point, the companies are asked: They have to provide the necessary budget for such measures - even if it seems high at first. It is significantly cheaper to invest in security proactively than to bear the consequences of repeated cyberattacks.
More at 8com.de
About 8com The 8com Cyber Defense Center effectively protects the digital infrastructures of 8coms customers from cyber attacks. It includes security information and event management (SIEM), vulnerability management and professional penetration tests. It also offers the setup and integration of an Information Security Management System (ISMS) including certification according to current standards. Awareness measures, security training and incident response management round off the offer.