|76 Percent of Organizations Were Breached in 2015|
According to the 2016 Cyberthreat Defense Report, 76 percent of responding organizations were affected by a successful cyberattack in 2015 – up from 70 percent in 2014 and 62 percent in 2013.
The report, by CyberEdge Group, also found that 85 percent of responding organizations indicated they
are spending more than 5 percent of their IT budgets on security, up from 70
percent in 2015.
Other report highlights include:
For three consecutive years, respondents have expressed growing dissatisfaction
with their current endpoint security defenses. This year, a whopping 86 percent
have expressed their intention to replace (42 percent) or augment (44 percent)
their current endpoint protections.
percentage of organizations with active BYOD deployments has dropped for the
third consecutive year – from 31 percent in 2014 to 26 percent in 2016.
network security investments.
Next-generation firewalls are the top-ranked network security technology
planned for acquisition in 2016, followed by threat intelligence services and
user behavior analytics.
devices “still” in the crosshairs. For
the second consecutive year, mobile devices are perceived as IT’s “weakest
link.” In total, 65 percent of respondents witnessed an increase in mobile
threats over the prior year.
- Malware and spear-phishing continue to cause headaches. Malware and spear-phishing
top the list of cyberthreats causing the greatest concern among
respondents for the third-consecutive year.
exposure to SSL blind spots.
Only a third of responding organizations have the tools necessary to inspect
SSL-encrypted traffic for cyberthreats, revealing a gaping hole in enterprise
are still to blame.
For the third consecutive year, low security awareness among employees tops the
list of barriers to establishing effective security defenses. Survey participants
are also concerned with an overwhelming volume of security event data, lack of
skilled personnel, and lack of available budget.
“In 2014, only four in 10 survey participants believed that
a successful cyberattack targeting their organization was likely to occur in
the coming year. Today, that number has grown to six in 10 and is likely to
rise,” said Steve Piper, CEO of CyberEdge Group. “Despite record security
spending, savvy IT professionals know that it’s no longer a question of ‘if’
their network will become compromised, but ‘when.’ Smart CISOs must strike a
balance between threat prevention and detection investments, as both are
critical in the fight against today’s sophisticated threats.”
great to see perception and spending catching up with reality. According to my
research, security spending has been growing at 24 percent annually. So it’s no
surprise that spending as a percentage of the overall IT budget is
increasing," said Richard Stiennon, Chief Research Analyst at IT-Harvest.
"While it’s important to invest in additional protection, organizations
must be careful about where they place these new investments, so they’re not
merely stopping the threat of the day, but rather supporting the needs of the
The full report is at http://www.cyber-edge.com/2016-cdr.