
4/14/2020
09:15 AM
Dark Reading

Study: Preventing Cyberattack Penetration Can Save Enterprises Up to $1.4 Million Per Incident

Ponemon Institute finds that 70% of security professionals believe the ability to effectively prevent cyberattack penetration strengthens their security posture, yet only 24% are focused on optimizing prevention capabilities.

April 7, 2020 - New York, NY - Today, the Ponemon Institute released its latest report, “The Economic Value of Prevention in the Cybersecurity Lifecycle”. The independent study, sponsored by Deep Instinct, determined for the first time that the economic value of cyberattack prevention - which takes into account the entire cybersecurity lifecycle of detection, containment, remediation, and recovery - ranges from $396,675 to $1,366,365, depending on the nature of the attack.

The study also found that while the overwhelming majority of cybersecurity professionals (70%) felt the ability to prevent attacks from penetrating their networks would improve their cybersecurity posture and reduce the cost of an attack, only a relatively small 21% of budgets are allocated to attack prevention. 79% of budget allocation goes to detection, containment, recovery and remediation activities.

The study determined that effective adoption of a preventative solution - when compared to the current spending of security departments and the cost of attacks - would result in significant cost reductions and require lower overall investment. 

“This study shows that the majority of companies are more effective at containing cyberattacks after they happen because it is perceived to be more accountable. This explains why cybersecurity budgets focus on containing attacks rather than preventing them, as well as the increased rate of breaches despite investments in cybersecurity solutions,” said Dr. Larry Ponemon, the Chairman and Founder of the Ponemon Institute. “Prevention of cyberattacks is perceived to be too difficult, but as companies continue to suffer revenue losses due to cyber breaches, we expect budgets to start allocating increased resources to preventative solutions given the amount of money they save.”

The clear benefit of prevention is reflected by the 67% of respondents who believe the use of automation and advanced AI such as Deep Learning would improve their ability to prevent attacks, and that, despite the current perceived difficulty, they intend to implement these technologies within the next two years.

“What this study shows is that most companies are still operating under a policy of ‘assume breach,’ believing that it is more pragmatic to contain a cyberattack after penetration. This is no longer an economically viable long-term strategy,” said Guy Caspi, CEO and co-founder of Deep Instinct. “The value of prevention is clear - for any type of attack, prevention saves significant time and money. Deep learning-powered cyber solutions, which are uninhibited by the human limitations that define machine learning-driven solutions, are uniquely suited to provide preventative protection for enterprises and drive down the costs of attacks.”

Additional key findings from the report include:

  • With an average budget of $13 million for IT security, 50% of respondents say their organizations are wasting limited budgets on investments that don’t improve their cybersecurity posture, and only 40% believe their budgets are sufficient. 
  • Prevention is perceived to be the most difficult to achieve in the cybersecurity lifecycle according to 80% of respondents. The reasons cited are that it takes too long to identify, insufficient technology and lack of in-house expertise.
  • Organizations are more effective at containing cyberattacks. 55% of respondents feel that they can contain attacks after they happen, and this priority leads IT teams to allocate larger portions of their budgets to containment, rather than prevention.

The study surveyed over 600 IT and IT security practitioners who are knowledgeable about their organizations’ cybersecurity technologies and processes. Most of these respondents are responsible for maintaining and implementing security technologies, conducting assessments, leading security teams and testing controls. 

About The Ponemon Institute:

Founded in 2002 by Dr. Larry Ponemon and Susan Jayson, Ponemon Institute conducts independent research on data protection and emerging information technologies. Our goal is to enable organizations in both the private and public sectors to have a clearer understanding of the trends in regulations and the threat landscape that will affect the collection, management and safeguarding of information assets. Ponemon Institute research informs organizations on how to improve upon their data protection initiatives and enhance their brand and reputation as a trusted enterprise.

About Deep Instinct:

Deep Instinct is the first and only company to apply end-to-end deep learning to cybersecurity. Unlike detection and response-based solutions, which wait for the attack before reacting, Deep Instinct’s solution works preemptively. By taking a preventative approach, files and vectors are automatically analyzed prior to execution, keeping customers protected in zero time. This is critical in a threat landscape, where real-time is too late. To learn more visit https://www.deepinstinct.com/
