sb-nz logo
Story image

Survey reveals digital transformation playing into cybercriminals’ hands

24 Aug 2017

RiskIQ has released the findings from its 2017 State of Enterprise Digital Defence Report, with the independent research carried out by IDG Connect.

Perhaps one of the most prominent concerns arising following the report is it appears digital transformation is a double-edged sword - while it comes with many benefits, it also opens the door to cybercriminals as the report reveals many organisations are trying to walk before they can crawl.

According to respondents (included 465 IT information security decision makers in organisations with more than 1,000 employees in the US and UK), an average of 40 percent of organisations experienced five or more significant security incidents in the past 12 months.

Furthermore, 68 percent of respondents express no to modest confidence to manage digital threats. 70 percent of respondents have no to modest confidence in reducing their digital attack surface, expressing the least confidence in threats against web, brand, and ecosystem assessment.

Editorial director at IDG Connect, Martin Veitch says that overall it paints a bleak picture of organisations’ digital defence posture, with many enterprise security practitioners overwhelmed by the scale and tenacity of external digital threats and lacking confidence in their processes, systems, and tools.

"While the results were both eye-opening and disturbing, the survey findings and insights should empower corporate leadership and IT security professionals to examine how their organisations are protecting their businesses, customers, and brands, and fortifying digital transformation," says Veitch.

The majority of respondents are aware that some of their digital security measure immature or ineffective, with only 31 percent expressing expressing high confidence in the likelihood that their organisations can mitigate or prevent digital threats—despite all respondents increasing their near-term digital security spend.

More than half of respondents expect their near-term digital defence investment to increase between 15-25 percent or higher. Encouragingly, almost half believe cyber threat intelligence is ‘very important’, while all respondents view cyber threat intelligence tools as being very important or somewhat important—especially in fortifying research and in reducing time to respond to external threats.

Some of the highlights from the research include:

  • Malware, phishing, domain infringement, online scams, mobile app exposures, and brand abuse were cited as most frequently reported incidents
  • Big brands in banking, retail, and consumer goods had the most prevalence of attacks
  • Larger companies felt that they were better able to update control systems and collaborate across departments, perhaps showing the benefits of scale
  • Smaller companies felt best able to inform others about the status of external attacks, perhaps reflecting the benefits of having a smaller base to worry about
  • Across industries, an average of 35 tools are employed to thwart web, social, and mobile threats
  • Organisations outsource a third of digital threat management tasks to managed security service providers, and outsourcing will grow by nearly 13 percent CAGR over the next two years

“The independent research provides a useful litmus test for the level of exposure, controls, and investment regarding external web, social, and mobile threats among global industries,” says Scott Gordon, chief marketing officer at RiskIQ.

“The findings validate the need for enterprises to leverage cross-channel intelligence, automation, and resource optimisation as they build out digital defenses to reduce operational and reputational risk.”

Story image
ConnectWise launches bug bounty program to bolster cybersecurity strategy
“Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community's expertise and participation in helping us keep our products secure."More
Story image
NortonLifeLock introduces dark web monitoring to its security suite
Dark Web Monitoring Powered by LifeLock will be capable of monitoring the dark web, searching for over 120 personal identifiable information including email, physical address, phone number, driver licence number, credit card or bank account numbers and gamer tags.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Story image
Five security challenges for the Enterprise of Things
Many enterprise networks aren't adequately managed, creating risk for businesses that don’t have full visibility into all of the devices on their network, writes Forescout regional director for A/NZ Rohan Langdon.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More