{"id":15094,"date":"2023-04-06T03:14:30","date_gmt":"2023-04-06T10:14:30","guid":{"rendered":"https:\/\/essential.construction\/news\/cyberattacks-hit-almost-all-companies-last-year-sophos-says\/"},"modified":"2023-04-06T03:14:30","modified_gmt":"2023-04-06T10:14:30","slug":"cyberattacks-hit-almost-all-companies-last-year-sophos-says","status":"publish","type":"post","link":"https:\/\/essential.construction\/news\/cyberattacks-hit-almost-all-companies-last-year-sophos-says\/","title":{"rendered":"Cyberattacks hit almost all companies last year, Sophos says"},"content":{"rendered":"

\"-\"<\/a>
\n<\/p>\n

\n

Cyberattacks aren\u2019t a roll of the dice for organizations, but rather a near certainty. Almost all<\/span><\/span><\/span><\/span><\/span><\/span> organizations, 94%,\u00a0 experienced a cyberattack of some form during the last year, according to research Sophos released Tuesday<\/a>.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

All companies should assume they will be a target in 2023, researchers warned.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

This constant barrage of malicious activity has organizations reeling. <\/span><\/span><\/span><\/span><\/span><\/span>Most businesses are confronting threats that are too advanced to deal with internally,<\/span><\/span><\/span><\/span><\/span><\/span><\/span> and a <\/span><\/span><\/span><\/span><\/span><\/span>majority report cyberthreats negatively impact their ability to accomplish IT projects or dedicate time to strategic issues.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

\u201cMany organizations are overwhelmed and struggling to accomplish both routine operational tasks and strategic initiatives,\u201d <\/span><\/span><\/span><\/span><\/span><\/span>John Shier, field CTO of commercial at Sophos<\/span><\/span><\/span><\/span><\/span><\/span><\/span>, said via email. \u201cThis manifests itself in organizations that are reactive and unable to improve their situation because they are constantly on the back foot.\u201d<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

The report is based on a <\/span><\/span><\/span><\/span><\/span><\/span>survey of 3,000 leaders responsible for IT and cybersecurity across 14 countries. The survey was conducted in January and February.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

Nearly all respondents, 93%, said essential security operations tasks remain challenging and only half of security alerts are investigated.<\/span><\/span><\/span><\/span><\/span><\/span><\/span> <\/span><\/span><\/span><\/span><\/span><\/span>Three-quarters of respondents reported difficulty identifying the root cause of cyberattacks.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

\u201cIt’s not so much that security controls are failing, though for some that might be the case, but rather the overall system not operating,\u201d Shier said. \u201cLike many complex systems, security infrastructure requires many layers operating together with redundancies applied throughout.\u201d<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

The top five cyberthreats of concern to IT and cybersecurity leaders surveyed include: data theft, phishing, ransomware, extortion, and DDoS attacks. Just 1% said they\u2019re not concerned about any cyberthreats affecting their organization this year.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

\u201cThe reality is that it need not be this way,\u201d Shier said. Organizations should immediately and honestly assess their capabilities, identify gaps, and institute a plan to mitigate those issues.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n

\u201cThere\u2019s too often a habit of understating risks and overstating capabilities,\u201d Shier said. \u201cThis leads to many organizations thinking and acting like they are secure when it couldn\u2019t be further from the truth.\u201d<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<\/p><\/div>\n