Cyber Risk Index highlights elevated risk as organisations struggle with visibility

Trend Micro has revealed that 32% of global organizations have had customer records compromised multiple times over the past 12 months as they struggle to profile and defend an expanding attack surface.

  • 2 months ago Posted in

The findings come from Trend Micro's semi-annual Cyber Risk Index (CRI) report, compiled by the Ponemon Institute from interviews with over 4,100 organizations across North America, Europe, Latin/South America, and Asia-Pacific.

To read a full copy of the latest Cyber Risk Index, please visit: www.trendmicro.com/cyberrisk

Jon Clay, VP of threat intelligence at Trend Micro: "You can't protect what you can't see. But with hybrid working ushering in a new era of complex, distributed IT environments, many organizations are finding it difficult to eradicate growing security coverage and visibility gaps. To avoid the attack surface spiraling out of control, they need to combine asset discovery and monitoring with threat detection and response on a single platform."

The CRI calculates the gap between organizational preparedness and the likelihood of being attacked, with -10 representing the highest level of risk. The global CRI index moved from 0.04 in 2H 2021 to 0.15 in 1H 2022, indicating a surging level of risk over the past six months.

This trend is also reflected elsewhere in the data: the number of global organizations experiencing a "successful" cyber-attack increased from 84% to 90% over the same period. Unsurprisingly, the number now expected to be compromised over the coming year has also increased from 76% to 85%.

Some of the top preparedness risks highlighted by the index report are related to attack surface discovery capabilities. It is often challenging for security professionals to identify the physical location of business-critical data assets and applications.

From the business perspective, the biggest concern is the misalignment between CISOs and business executives. Based on the scores given by the respondents, “My organization’s IT security objectives are aligned with business objectives” only has a score of 4.79 out of 10.

By addressing the shortage of cybersecurity professionals and improving security processes and technology, organizations will significantly reduce their vulnerability to attacks.

Dr. Larry Ponemon, chairman and founder of Ponemon Institute: "The CRI continues to provide a fascinating snapshot of how global organizations perceive their security posture and the likelihood of being attacked. The stakes couldn't be higher in the face of stiff macroeconomic headwinds. Respondents pointed to the high cost of outside expertise, damage to critical infrastructure, and lost productivity as the main negative consequences of a breach."

Overall, respondents rated the following as the top cyber threats in 1H 2022:

1) Business Email Compromise (BEC)

2) Clickjacking

3) Fileless attacks

4) Ransomware

5) Login attacks (Credential Theft)

Companies encountering numerous pain points as they seek to manage application connectivity security and risk.
Only 29% of respondents are highly confident they have a robust mechanism to test their environments against the most current threat vectors.
Netwrix has launched a new multi-tenant, software-as-a-service (SaaS) auditing solution designed to meet the needs of MSPs. Its lightweight cloud architecture helps MSPs ensure the security and compliance of their clients’ systems and data from a single console.
The new managed SASE solution builds on NTT’s Managed Campus Networks platform to provide customers with enhanced capabilities, new features, and a fully managed end-to-end service to support and operate critical network infrastructure.
Research also shows the inability to prevent bad things from happening as the worst part of a security job with more than a third of respondents unsure they could tell their boards that no adversaries are inside.
Channel partners in EMEA to access scalable application security testing solutions.
A new research report by CSI Ltd looking into the top concerns of cyber security decision makers finds that 78% believe the current cost-of-living crisis will increase the risk of a cyber threat occurring in their organisation. This finding was especially prevalent in the healthcare (84%) and financial services (86%) sectors.
Acronis has announced a three-year partnership with London´s oldest professional football club, Fulham FC. EveryCloud.co.uk will support Acronis as its ‘Strategic #Cyberfit’ delivery partner providing its cutting-edge cyber protection solutions and cloud backup service to the club.