When it comes to cybersecurity, companies can be split into two groups: those that have been affected by cyberattacks and those that will be targeted in the future. The fact is that the first group is larger than the statistics may suggest, given that many organizations are unaware that they belong to it.
This lack of awareness is one of the stumbling blocks that gets in the way of corporate cybersecurity and paves the way for hidden cyberattacks. Thus, if an organization doesn’t have an adequate IT team or specialized solutions to respond to its advanced cybersecurity needs, it is likely to have suffered some kind of intrusion at some point without realizing.
Employees being phished: the main cause of hidden cyberattacks
The report Digital transformation and its impact on cybersecurity by the accounting firm RSM underlines these suspicions after interviewing 597 business leaders in 33 European countries. Among the questions posed, one stands out above the rest: “Do you think your company may have suffered a cyberattack…even if no one noticed it?”
The results are highly revealing: 64% of those surveyed believe that their company could have been hacked without their realizing. This leaves many companies in a latently insecure situation, and calls into question their ability to detect or respond to an incident of this kind.
Another statistic brought to light in the study is the fact that 75% of cyberattacks do not become public knowledge, given that companies don’t report the incidents they are suffering. And this is in spite of the fact that non-disclosure is a serious breach of the GDPR.
As for the most commonly used attack methods, the respondents highlighted the fact that 46% of successful cyberattacks are executed via phishing that targets employees. This situation once more brings to light the fact that, in this equation, employees are the most vulnerable variable. The underlying causes for this behavior may go beyond how aware these employees are of cybersecurity questions. In this vein, research at the Friedrich-Alexander University in Germany discovered that, while 78% of users claim to be aware of the fact that suspicious links could be malicious, 45% still click them.
Time is an ally of cyberattackers
In all cases, time is one of the key factors for stopping cyberattacks from spreading and causing damage in the enterprise. This factor plays into the hands of the cyberattackers. According to the 2019 Cost of a Data Breach Study by the Ponemon Institute, the average time taken by organizations to detect a data breach is 206 days. The bad news is that this figure is slightly worse than 2018’s time of 197 days. This timespan could have serious consequences in the organization, both at an economic and at a reputational level.
The keys: proactivity and reaction
This data demonstrates the fact that, at times, detecting a possible cyberattack may not happen at all, and there is never going to be a quick answer. On top of this scenario is the fact that employees are not always properly trained in cybersecurity, and can therefore become the easiest point of entry for cybercriminals. This just serves to emphasize the need to go beyond preventive measures and combine them with other actions.
Applying artificial intelligence and deep learning algorithms to cybersecurity allows enterprises to control one critical aspect: time. We’ve seen that detecting suspicious behaviors or intrusions when they happen isn’t always possible. For cases in which the cyberattack has already started, a mean time to repair (MTTR) that is as short as possible is the key to minimizing risks and possible damage.
At Cytomic, we respond to the most advanced cybersecurity demands with cloud-based solutions and services, and two paradigms: scaled data analytics, Security Data Analytics; and a community model that enriches our threat intelligence. As well as reducing detection and repair time, the use of these advanced technologies allows us to continuously classify applications depending on their new behaviors. It also allows us to identify any suspicious activity by applying scaled data analysis on the cloud. This cycle is completed with an on-demand containment and remediation capacity on the endpoint, minimizing detection and response time and automatically raising the organization’s level of maturity in terms of security.
The quantity, professionalization and sophistication of attacks force organizations to strengthen their security policies. They also oblige enterprises to develop specific processes to prevent, detect, investigate, contain and eradicate cyberattacks with the most advanced technology.