Is your business prepared for the next cyber breach?
NTT Com Security is today announcing findings from its Global Threat intelligence Report (GTIR) on businesses being unprepared for cyber security incidents. There report depicts:
Pulling information from 24 security operations centres, seven R&D centers, 3.5 trillion logs and 6.2 billion attacks in 2015, the GTIR shows that over the last three years, on average 77% of organisations fall into the ‘unprepared’ category, leaving just 23% with the capability to respond effectively to critical security incidents.
Although financial services was the leading sector for incident response in previous annual GTIR reports, the retail sector now takes the lead, with 22% of all response engagements, up from 12% the previous year. Retail – a popular target due to processing large volumes of personal information such as credit card details – experienced the highest number of attacks per client.
Other incident response statistics from the 2016 GTIR:
- The report shows an increase in breach investigations, with 28% in 2015 compared to 16% the previous year, with many incidents focused on theft of data and intellectual property.
- Internal threats jumped to 19% of overall investigations – from 2% in 2014. Many of these were the result of employees and contractors abusing information and computing assets.
- Spear phishing attacks accounted for approximately 17% of incident response activities in 2015, up from 2% previously. Many of these attacks related to financial fraud targeting executives and finance personnel, with attackers using clever social engineering tactics, such as getting organisations to pay fake invoices.
- Despite a rise in DDoS hacking groups like DD4BC and Armada Collective, the GTIR noted a drop in DDoS related activity compared to the previous two years. This is likely to be due to an investment in DDoS mitigation tools and services.