While that headline sounds great, research from a study by the PonemonInstitute and Deep Instinct shows that 76% of surveyed security professionals indicatethat cyber attack prevention is too difficult for their organizations toachieve and instead focus on easier detection and containment efforts
It sounds like a bad joke: Why did the security department giveup on their cyber attack prevention and mitigation efforts? Becausepreventions too hard to achieve.
Unfortunately, though, this is not just a bad joke. According to research from a new study that was released today by the Ponemon Institute and Deep Instinct, thats exactly what more than three-quarters of survey respondents said they believe. The unsettling data indicates that 40% they strongly agree and another 36% said they agree with the statement that My organization focuses on the detection of cyberattacks because prevention is perceived to be too difficult to achieve.
Were not here to argue the psychological semantics ofperception versus reality but we are saying that this data shows thatperceptions relating to the cybersecurity lifecycle do matter (particularlywhere an organizations resource allocation and budgetary decisions areconcerned).
To better understand the data, were going to dive into theresults of this survey, which focuses on the responses to questions relating toperceptions of the cybersecurity lifecycle and the economic value of preventionefforts.
Lets hash it out.
The study takes a deep dive into the economic impact ofcosts associated with cyber attacks on organizations. But well get more into whothe survey respondents are later lets get to the meat of what they wereasked about The cybersecurity lifecycle itself and the ways that theirorganizations prevent cyber attacks.
The lifecycle represents a series of cybersecurity-relatedprocesses an organization goes through when identifying and responding tovirtually any type of cyber attack. So, what are the five phases?
The survey asked participants to estimate the costs associated with five types of attacks zero-day, phishing, nation-state, ransomware, and spyware and the percentage of the cost thats associated with each of those lifecycle phases. For example, their data shows that a single phishing attack could cost an average of $832,500 due to costs associated with detection, containment, recovery, and remediation efforts. But if an organization was able to prevent the attack in the first place, they could save $682,650 of those total costs!
Why only 82% wouldnt it prevent 100% of the costs of acyber attack? Well, no. Thats because there are costs associated with cyberattack prevention initiatives in terms of the human and technological resourcesthat are involved.
So, ask yourself: If there is a chance that you could potentiallysave your organization 82% of the costs it could face by preventing an attack fromhappening in the first place, would you put the necessary resources in place todo it? Where do you and your organization stand on this particular issue areyou in the camp that supports focusing more of your efforts on prevention, ordo you believe more resources should be dedicated to detection and containment?
Unsurprisingly, the survey finds that preventing attacksfrom causing damage not only protects an organizations reputation, but it alsosaves them time, resources, and money. That seems like pretty common senseto me. But what was surprising was the weight given to perceptionssurrounding the topics of cyber attack detection and prevention. Herein liesthe issue.
As we mentioned earlier, the majority of survey respondentscybersecurity resources appear to be devoted significantly more to respondingto threats (containment) than stopping them from occurring in the first place(prevention). In fact, only 24% say that they focus on optimizing theirprevention capabilities!
But what leads to such a big discrepancy in priorities?
Dr. Larry Ponemon, the chairmanand founder of the Ponemon Institute, was quoted in the press release as sayingthat the reason seems to boil down to perceptions of accountability:
This study shows that the majority of companies are more effective at containing cyberattacks after they happen because it is perceived to be more accountable. This explains why cybersecurity budgets focus on containing attacks rather than preventing them, as well as the increased rate of breaches despite investments in cybersecurity solutions.
Prevention of cyberattacks is perceived to be too difficult, but as companies continue to suffer revenue losses due to cyber breaches, we expect budgets to start allocating increased resources to preventative solutions given the amount of money they save.
If youwant to ensure that your budget money is best spent, then its imperative forbusinesses and organizations to dedicate more of their moolah to cyber attackprevention initiatives, personnel resources, and technologies. But even withincreased resources, that doesnt mean that your cyber security prevention effortswill be without challenges.
When it comes to figuring out how to prevent a cyber attack, its all about identifying and stopping any type of malicious threat in real time, regardless of the types of files that are used in the attack or if its a zero-footprint attack (one that lacks files).
The fivetypes of cyber attacks we mentioned earlier zero-day, phishing nation-state,ransomware, and spyware were among those that the survey respondents foundvery difficult to prevent. According to the research, a few reasons reallystand out about why almost 80% of the survey respondents feel like preventingthese types of cyber attacks is too difficult:
So, evenif it is harder and more challenging to prevent attacks than to detect andcontain them, its still worth the effort to do what you can to prevent themfrom happening. Having the right tools and technologies in place is especiallyuseful and is among the best ways to prevent cyber attacks. Using encryptionand authentication technologies, in addition to automation and AI, isdefinitely one of the best approaches and should be part of a larger cyberattack prevention strategy.
Something that always interests us in these types ofarticles is where public key infrastructure (PKI) and encryption fall withinthe purview of necessity.
On a scale of 1-5, with 5 meaning very high impact and 1 meaning very low impact, public key infrastructure (PKI) has an impact score of 3.9 in terms of how well it helps to prevent cyber attacks. This tied PKI with privileged access management (PAM). This is behind only a few others:
This means that while PKI isnt the top contributingfactor, it is one of the most valuable technologies that organizations areputting to use. Although this is something we already knew in terms of theimportance of PKI, its nice to see what we proclaim being validated by otherreputable organizations.
Digital certificate management also made the listwith an impact rating of 3.6. Well get more to the importance of thatmomentary. But, first, lets keep going with the benefits of having awell-established PKI and how it helps you prevent cybersecurity attacks.
Public key infrastructure is the framework, technologies,processes, and other integral components that are required for issuing, using,and managing public key encryption certificates. This infrastructure involvesweb browsers, certificate authorities (CAs), X.509 digital certificates, and theirpublic/private keys.
But how does PKI play a role in preventing cyber attacks? Publickey encryption does two things exceptionally well:
When asked which types of solutions they currently use toprevent cyber attacks, encryption is one of the top solutions listed.Encryption is important and is already in use in various ways in manybusinesses around the globe. For example, data in transit encryption is used onmany businesses website servers. Some businesses also use encryption to securetheir IoT devices, email servers, and the email communications of specificusers. However, it doesnt appear to be as widespread as wed like yet in termsof protecting mobile devices.
The survey data indicates that only 39% of organizationsreportedly take steps to protect data on employees mobile devices. Of thoserespondents, 41% say their organizations use data in transit and at restencryption to secure data both while it is stored and being transmitted.
This is definitely an area that can use some improvement.This is especially true considering that the survey respondents also indicatethat more than half (54%) say their organizations allow them to use theirpersonal mobile devices in the workplace and 41% say they use the devices forwork purposes.
When talking about email security, phishing is a majorconcern for every business. All it takes it for one email to be successful forall of your good intentions, resources, and hard work to go out the window.
The FBIs 2019 Internet Crime Report also indicates that email is among the most common entry points for fraud. According to the Ponemon/Deep Instinct survey, 79% of the respondents indicate that their organizations experienced at least one phishing attack. Of those, only 18% said that they were able to prevent them.
Of course, this is where cyber awareness training and theuse of digital signatures can really have an impact. For example, if youremployees are aware of the threats that exist with regard to phishing emailsand social engineering attacks, theyll be less likely to fall for those typesof scams.
However, if their organizations also implement the use ofdigital signatures via email signing certificates, it could help emailrecipients more easily verify whether an email came from a legitimate person oran imposter.
Managing your digital certificates is a critical task thatmust be done effectively. This means that you need to have strong visibilitywithin your network and IT infrastructure to know what you have and whetherits protected. Having unknown certificates (shadow IT) and expiredcertificates can lead to a variety of costly headaches for your team and yourorganization as a whole.
For example, outages that result from certificate expirations can cost organizations more than $11.1 million, according to research from another Ponemon Institute report (sponsored by KeyFactor). Some of the resulting issues include:
So, how do you manage all of these certificates to ensurethat this doesnt happen at your organization? And what other solutions can youuse to streamline your cyber security efforts and prevent cyber attacks?
More than two-thirds (67%) of the surveys respondents believe that automation, artificial intelligence (AI), and other advanced technologies can help to prevent cyber attacks. This makes sense in many ways computers are capable of scanning and analyzing logs and records faster than any human would ever be capable of doing. Furthermore, humans are more likely to make errors than machines and may forget to perform essential tasks.
The use of AI and machine learning-based solutions isntabout machines replacing humans. Its about augmenting our practitionerscapabilities and reducing some of the strain thats placed upon them each day.Part of this involves removing menial tasks from their workload that can beautomated. Another part is taking advantage of the vast processing andanalytical capabilities of AI to teach it to identify and recognize threats andattacks more quickly even those that have before been seen.
So, what are some of the reasons whyautomation and learning-based solutions should be implemented?
Manage Digital Certificates like a Boss
14 Certificate Management Best Practices to keep your organization running, secure and fully-compliant.
The survey focuses on the responses of more than 634cybersecurity and IT professionals to questions relating to the following five overarchingphases of the cybersecurity lifecycle. Of those respondents, 24% were ITmanagement professionals and 18% work in the financial services sector.
This study highlights a key opportunity forcybersecurity-savvy companies. By focusing more of their budget and resourceson cyber attack prevention, they can save significant costs, while protectingtheir reputation and business. Key attack prevention tactics include (but arenot limited to):
See the original post:
Cyber Attack Prevention Can Save Businesses Up to $1.4M Per Attack - Hashed Out by The SSL Store - Hashed Out by The SSL Store