Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

4/20/2018
08:05 AM
Jeffrey Burt
Jeffrey Burt
Jeffrey Burt
50%
50%

Cyber Attacks Have Doubled, but Security Is Getting Better at Blocking Them

In a survey, Accenture said the number of targeted attacks like ransomware and DDoS are growing, but organizations are getting better and faster at detecting them.

Cybersecurity so far this year is offering a mix of good news, bad news and warnings, according to a report released this week by professional services company Accenture.

The bad news is that the number of targeted cyber attacks like ransomware and distributed denial-of-service (DDoS) has more than doubled this year, an indication of the increasing threats facing organizations undergoing dramatic digital transformations of their businesses.

However, companies have dramatically done better so far this year over 2017 at protecting themselves against such attacks, detecting and blocking 87% of the breaches compared with 70% last year, according to Accenture's report "2018 State of Cyber Resilience," which was released as the RSA Conference 2018 got underway in San Francisco. That said, the study's authors noted that even with only 13% of targeted attacks getting through the defenses, that means that organizations are still seeing an average of 30 successful breaches a year, and they warned that companies must continue to invest security solutions and embrace emerging technologies like artificial intelligence, machine learning and automation.

"The research shows that 83 percent of survey respondents believe that breakthrough technologies, such as artificial intelligence (AI), machine or deep learning, user behavior analytics, and blockchain, are essential to securing the future of their organizations," the authors wrote in their report. "Indeed, it is breakthrough technologies that will drive the next round of cyber resilience -- although only two out of five business leaders are already investing in areas like machine learning/AI and automation." (See Automation Is a Key to Future Enterprise Security Report.)

Accenture surveyed 4,600 enterprise security professionals at companies from more than 15 countries and with more than $1 billion in revenue. The survey ran from January to March and found an average of 232 attacks this year compared with 106 in 2017, with the attacks designed to get past network security and either cause damage or steal data or other corporate assets.

"Over the past year, there are a number of areas where organizations have improved their cyber resilience as they get better at detection, prevention and collaboration," Ryan LaSalle, global managing director for Accenture Security, Growth and Strategy and Cyber Defense Lead, wrote in an email to Security Now. "We believe the increase in attacks can be attributed to both the increased threat activity in the market and also the results of increased detection coverage across organizations. We're also seeing a change in the reporting structure and governance for cybersecurity, with two-thirds of CEOs and boards now having direct oversight of cybersecurity. Budget authorization is also elevated with CEOs and boards now approving 59% compared with only 33% last year. This provides strong evidence for the benefits of connecting security improvement to better risk governance and business engagement."

Collaboration improves cybersecurity
The collaboration not only within security teams but also outside of them has been important. Security teams within an organization are finding 64% of breaches, about the same as last year, they survey found. Of the attacks that the security teams don't detect, 38% are found by others in the security community -- such as white-hat hackers -- or through peers or competitors (up from 15% in 2017). The authors noted that there is safety in numbers when dealing with cyber threats.

Another sign of success: Security teams are finding the attacks faster, whittling the average time of detection from months and years to weeks and sometimes days. Eighty-nine percent of survey respondents said their internal security teams had detected a breach within a month; last year that number was at 32%.

In addition, 55% of companies took a week or less to detect an attack, compared with 10% in 2017.

All that said, the Accenture researchers said enterprises should be sure to keep their focus on security -- only 67% of their organizations are protected by their cybersecurity initiatives -- and not lose sight of the fact that threats can come from the inside as easily as the outside. That's where continued -- and wise -- investments come in. Ninety percent of survey respondents said they expect their companies will invest more in cybersecurity over the next three years, but only 31% said the increases will be significant (at least double what they're spending now).


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

In addition, that spending should take advantage of the emerging technologies that will be crucial to cybersecurity, including AI, machine learning, user behavior analytics and blockchain.

While more than 80% of respondents said they understand the importance of such technologies, so far the investments are not backing that up. The majority of respondents said that, given additional money, they'd invest to either fill gaps or add innovations in cybersecurity, and already half or more of them said they are sending in security around the Internet of Things (IoT), security intelligence platforms and blockchain. (See Beyond Bitcoin: How Blockchain Can Benefit IoT Security.)

"So, executives agree advanced technologies are essential and they would commit funding to them if they could, but in practice, just two out of five are investing in machine learning/AI and automation technologies, to evolve their security programs," the authors wrote, nothing that 83% said their organizations have completely embedded security into their culture. "It may be a case of overactive optimism... yet, if only 40 percent are committing investments to breakthrough technologies like machine learning/AI and automation, this number needs to increase to optimize the opportunity."

Another point is that cyber criminals also are using such emerging technologies.

"We believe that AI/machine learning will play a huge role in the future of combatting cyber attacks," LaSalle wrote. "Threat intelligence from our iDefense team has already identified the use of advanced business models and technologies -- including AI/machine learning -- to develop more effective attacks. New technologies can provide a reliable, consistent and automated way to monitor for unusual behavior and control the process of access provisioning. They can scale the defenders and enable smarter automation to detect better and respond faster."

Accenture recommended several steps to improve an organization's resilience against cyber threats, including hardening high-value assets, use breakthrough technologies, evolve the role of the CISO to include deep expertise in both security and business, use threat-hunting technologies and pressure test the cyber-attack defenses.

Related posts:

— Jeffrey Burt is a long-time tech journalist whose work has appeared in such publications as eWEEK, The Next Platform and Channelnomics.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25789
PUBLISHED: 2020-09-19
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
CVE-2020-25790
PUBLISHED: 2020-09-19
** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our secu...
CVE-2020-25791
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().
CVE-2020-25792
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair().
CVE-2020-25793
PUBLISHED: 2020-09-19
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>.