Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

May 19, 2016

Survey: Many companies not prepared for cyber attack

PHOTO | David Castillo Dominici at More than 77 percent of organizations are not prepared for a cyber attack.

A new survey from a Bloomfield information security provider says more than 77 percent of organizations are not prepared for a cyber attack, and many lack a formal response plan.

According to the annual Global Threat Intelligence Report (GTIR) prepared by NTT Com Security, there has been little improvement in preparedness since last year. The latest figures indicate a slight increase in organizations that are not properly prepared, despite the rise in security attacks and data breaches.

The GTIR shows that over the last three years, on average 77 percent of organizations fall into the unprepared category, leaving just 23 percent with the capability to respond effectively to critical security incidents. NTT said prevention and planning for cyber attacks appears to be stagnating.

Garry Sidaway, vice president of security strategy and alliances at NTT Com said that could be the result of “security fatigue,” a large number of high-profile breaches, fast-paced technology changes and other factors.

While the financial services sector was forced to manage the greatest number of breach incidents a year ago, this year’s survey found that retail has taken the lead.

The survey pulled information from 24 security operations centers, seven R&D centers, 3.5 trillion logs and 6.2 billion attacks recorded in 2015.

Other details from the 2016 GTIR:

  • The report shows an increase in breach investigations, with 28 percent in 2015 compared to 16 percent the previous year, with many incidents focused on theft of data and intellectual property.
  • Internal threats jumped to 19 percent of overall investigations, up from 2 percent in 2014. Many of were the result of employees and contractors abusing information and computing assets.
  • “Spear phishing” attacks accounted for 17 percent of incident response activities in 2015, up from 2 percent previously. In many instances, fraudsters targeted executives and finance personnel, using such strategies as sending them fake invoices to pay.

Sign up for Enews


Order a PDF