Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

// // //
4/20/2018
08:05 AM
Jeffrey Burt
Jeffrey Burt
Jeffrey Burt

Cyber Attacks Have Doubled, but Security Is Getting Better at Blocking Them

In a survey, Accenture said the number of targeted attacks like ransomware and DDoS are growing, but organizations are getting better and faster at detecting them.

Cybersecurity so far this year is offering a mix of good news, bad news and warnings, according to a report released this week by professional services company Accenture.

The bad news is that the number of targeted cyber attacks like ransomware and distributed denial-of-service (DDoS) has more than doubled this year, an indication of the increasing threats facing organizations undergoing dramatic digital transformations of their businesses.

However, companies have dramatically done better so far this year over 2017 at protecting themselves against such attacks, detecting and blocking 87% of the breaches compared with 70% last year, according to Accenture's report "2018 State of Cyber Resilience," which was released as the RSA Conference 2018 got underway in San Francisco. That said, the study's authors noted that even with only 13% of targeted attacks getting through the defenses, that means that organizations are still seeing an average of 30 successful breaches a year, and they warned that companies must continue to invest security solutions and embrace emerging technologies like artificial intelligence, machine learning and automation.

(Source: iStock)
(Source: iStock)

"The research shows that 83 percent of survey respondents believe that breakthrough technologies, such as artificial intelligence (AI), machine or deep learning, user behavior analytics, and blockchain, are essential to securing the future of their organizations," the authors wrote in their report. "Indeed, it is breakthrough technologies that will drive the next round of cyber resilience -- although only two out of five business leaders are already investing in areas like machine learning/AI and automation." (See Automation Is a Key to Future Enterprise Security Report.)

Accenture surveyed 4,600 enterprise security professionals at companies from more than 15 countries and with more than $1 billion in revenue. The survey ran from January to March and found an average of 232 attacks this year compared with 106 in 2017, with the attacks designed to get past network security and either cause damage or steal data or other corporate assets.

"Over the past year, there are a number of areas where organizations have improved their cyber resilience as they get better at detection, prevention and collaboration," Ryan LaSalle, global managing director for Accenture Security, Growth and Strategy and Cyber Defense Lead, wrote in an email to Security Now. "We believe the increase in attacks can be attributed to both the increased threat activity in the market and also the results of increased detection coverage across organizations. We're also seeing a change in the reporting structure and governance for cybersecurity, with two-thirds of CEOs and boards now having direct oversight of cybersecurity. Budget authorization is also elevated with CEOs and boards now approving 59% compared with only 33% last year. This provides strong evidence for the benefits of connecting security improvement to better risk governance and business engagement."

Collaboration improves cybersecurity
The collaboration not only within security teams but also outside of them has been important. Security teams within an organization are finding 64% of breaches, about the same as last year, they survey found. Of the attacks that the security teams don't detect, 38% are found by others in the security community -- such as white-hat hackers -- or through peers or competitors (up from 15% in 2017). The authors noted that there is safety in numbers when dealing with cyber threats.

Another sign of success: Security teams are finding the attacks faster, whittling the average time of detection from months and years to weeks and sometimes days. Eighty-nine percent of survey respondents said their internal security teams had detected a breach within a month; last year that number was at 32%.

In addition, 55% of companies took a week or less to detect an attack, compared with 10% in 2017.

All that said, the Accenture researchers said enterprises should be sure to keep their focus on security -- only 67% of their organizations are protected by their cybersecurity initiatives -- and not lose sight of the fact that threats can come from the inside as easily as the outside. That's where continued -- and wise -- investments come in. Ninety percent of survey respondents said they expect their companies will invest more in cybersecurity over the next three years, but only 31% said the increases will be significant (at least double what they're spending now).


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

In addition, that spending should take advantage of the emerging technologies that will be crucial to cybersecurity, including AI, machine learning, user behavior analytics and blockchain.

While more than 80% of respondents said they understand the importance of such technologies, so far the investments are not backing that up. The majority of respondents said that, given additional money, they'd invest to either fill gaps or add innovations in cybersecurity, and already half or more of them said they are sending in security around the Internet of Things (IoT), security intelligence platforms and blockchain. (See Beyond Bitcoin: How Blockchain Can Benefit IoT Security.)

"So, executives agree advanced technologies are essential and they would commit funding to them if they could, but in practice, just two out of five are investing in machine learning/AI and automation technologies, to evolve their security programs," the authors wrote, nothing that 83% said their organizations have completely embedded security into their culture. "It may be a case of overactive optimism... yet, if only 40 percent are committing investments to breakthrough technologies like machine learning/AI and automation, this number needs to increase to optimize the opportunity."

Another point is that cyber criminals also are using such emerging technologies.

"We believe that AI/machine learning will play a huge role in the future of combatting cyber attacks," LaSalle wrote. "Threat intelligence from our iDefense team has already identified the use of advanced business models and technologies -- including AI/machine learning -- to develop more effective attacks. New technologies can provide a reliable, consistent and automated way to monitor for unusual behavior and control the process of access provisioning. They can scale the defenders and enable smarter automation to detect better and respond faster."

Accenture recommended several steps to improve an organization's resilience against cyber threats, including hardening high-value assets, use breakthrough technologies, evolve the role of the CISO to include deep expertise in both security and business, use threat-hunting technologies and pressure test the cyber-attack defenses.

Related posts:

— Jeffrey Burt is a long-time tech journalist whose work has appeared in such publications as eWEEK, The Next Platform and Channelnomics.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Creating an Effective Incident Response Plan
Security teams are realizing their organizations will experience a cyber incident at some point. An effective incident response plan that takes into account their specific requirements and has been tested is critical. This issue of Tech Insights also includes: -a look at the newly signed cyber-incident law, -how organizations can apply behavioral psychology to incident response, -and an overview of the Open Cybersecurity Schema Framework.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4031
PUBLISHED: 2022-11-29
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions such...
CVE-2022-4032
PUBLISHED: 2022-11-29
The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it possible for unauthenticated at...
CVE-2022-4033
PUBLISHED: 2022-11-29
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, etc...
CVE-2022-4034
PUBLISHED: 2022-11-29
The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers to embed untrusted input into content during booking creation that may be exported as a CSV file when a site's administrator...
CVE-2022-4035
PUBLISHED: 2022-11-29
The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including, 1.3.72 due to insufficient input sanitization and output escaping that makes injecting iFrame tags p...