More than three quarters of organisations believe they will suffer a cybersecurity breach in 2022, according to new research from Trend Micro.
Trend Micro announced the findings of its latest global Cyber Risk Index (CRI) for the second half of 2021, revealing 76% of global organisations think they will be successfully attacked in the next 12 months, with 25% claiming this is "very likely" to happen.
"To craft effective cybersecurity strategy, organisations must master the art of risk management. This is where reports like the CRI can be a great resource in highlighting areas of possible concern," says Jon Clay, Trend Micro vice president - threat intelligence.
"As remote working and digital infrastructure threats persist, organisations should adopt a platform-based approach to optimise security whilst minimising their security sprawl," he says.
The semi-yearly CRI report asks pointed questions to measure the gap between respondents' preparedness of attack and their likelihood of being attacked*.
In this report, 84% claimed to have suffered one or more successful cyber-attacks in the past 12 months, with over a third (35%) saying they'd experienced seven or more.
Threats they're most concerned about globally are ransomware, phishing/social engineering, and denial of service (DoS)and the negative consequences of a breach are stolen or damaged equipment, cost of outside consultants/experts, and customer turnover.
When it comes to IT infrastructure, organisations are most worried about mobile/remote employees, cloud computing, and 3rd party applications. USA organisations put the cloud computing risk score at 9.87 / 10.
This highlights the ongoing challenge many organisations have around securing the digital investments they made during the pandemic, Trend Micro says. Such investments were necessary to support remote working, drive business efficiencies and agility, and understand the corporate attack surface.
"Organisations are facing demanding security challenges every day, from software vulnerabilities, data breaches, to ransomware attacks and more," says Dr. Larry Ponemon, chairman and founder of Ponemon Institute.
"The semi-annual survey has been a tremendous asset in evaluating the rapidly evolving cyber risk landscape to help organisations improve security readiness and serving as a guidance in strategic planning."
The highest levels of risk were around the following statements:
- "My organisation's IT security function supports security in the DevOps environment"
- "My organisation's IT security leader (CISO) has sufficient authority and resources to achieve a strong security posture
- "My organisation's IT security function strictly enforces acts of non-compliance to security policies, standard operating procedures, and external requirements"
According to the report, this clearly indicates that more resources must be diverted to people, processes, and technology globally to enhance preparedness and reduce overall risk levels.