DALLAS — A recent report shows that there’s an “elevated” risk of cyber attacks on organizations.
The global “Cyber Risk Index” (CRI) is a comprehensive measure of “the gap between an organization’s current security posture and its likelihood of being attacked.”
For instance, the report indicates that 80% of global organizations report they are likely to experience a data breach that impacts customer data in the next 12 months.
The “Cyber Risk Index” is by Tokyo-based Trend Micro, the maker of a cybersecurity platform, and Traverse City, Michigan-based Ponemon Institute, which is focused on the responsible use of information. It was released last month.
“Once again we’ve found plenty to keep CISOs awake at night, from operational and infrastructure risks to data protection, threat activity, and human-shaped challenges,” said Jon Clay, VP of threat intelligence for Trend Micro.
“To lower cyber risk, organizations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive, connected platforms.”
Businesses can use the report as a “resource to prioritize their security strategy and focus their resources to best manage their cyber risk,” said Larry Ponemon, CEO, Ponemon Institute.
Ponemon said the report is “increasingly useful, as harmful security incidents continue to be a challenge for businesses of all sizes and industries.”
Key findings from the “Cyber Risk Index”
- 86% said it was somewhat to very likely that they’d suffer serious cyber attacks in the next 12 months, compared to 83% last time
- 24% suffered 7+ cyber attacks that infiltrated networks/systems, versus 23% in the previous report
- 21% had 7+ breaches of information assets, versus 19% in the previous report
- 20% of respondents said they’d suffered 7+ breaches of customer data over the past year, up from 17% in the last report
Top cyber risks
- Man-in-the-middle attacks
- Phishing and social engineering
- Fileless attack
Top security risks to infrastructure
Many respondents admitted they spend “considerable resources” managing third-party risks.
- Organizational misalignment and complexity
- Cloud computing infrastructure and providers
Top negative consequences of a cyber attack
- Customer turnover
- Lost intellectual property (IP)
- Disruption or damages to critical infrastructure
Main challenges for cybersecurity preparedness include
- Limitations for security leaders who lack the authority and resources to achieve a strong security posture
- Organizations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure
The “Cyber Risk Index” is based on a survey of over 3,600 businesses of all sizes and industries across North America, Europe, Asia-Pacific, and Latin America.
It was conducted in the first half of 2021.
The “Cyber Risk Index” is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current index stands at -0.42, a slight increase from -.41 last year.