A new survey of IT staff around the U.S. found that cyberattacks are continuing to cause big disruptions despite an uptick in the amount of money spent on cybersecurity hardware and software.
According to IDG Connect, which conducted the survey on behalf of Malwarebytes, between 80 and 90 percent of the 200 senior IT staff surveyed have been impacted by a worm or virus, at least one incident of unauthorized system access by internal staff, or an advanced persistent threat (APT) during the past 12 months. What’s more, the survey found phishing affected 79 percent of respondents, while ransomware impacted 64 percent.
“It has become abundantly clear that current cybersecurity defense strategies aren’t working,” said Matthew Smith, managing director of IDG Connect, in a press release highlighting the survey results. “Organizations are using sticking plasters rather than addressing their fundamental weaknesses.”
According to IDG, the attacks are proliferating despite cybersecurity defenses already in place. The survey found 87 percent polled already deployed firewalls, while 81 percent have antivirus and malware software in place. Web and email filtering platforms are used by 62 percent, while endpoint protection solutions were embraced by 61 percent. The survey also found 58 percent of respondents have identity access management tools in place and 57 percent have intrusion detection/prevention systems running but they fail to stop all the attacks.
The survey also found IT departments are spending a lot of hours managing these defenses and dealing with hacks and cybersecurity incidents. The survey found between 64 and 65 percent spend more than 10 hours a week cleaning applications and systems of malware and viruses and restoring lost or corrupted data from backups. The cybersecurity management overhead involved can also be taxing, said IDG, with between 69 and 71 percent spending more than 10 hours a week deploying security patches and upgrades and identifying networking, application and system vulnerabilities before they are exploited.
“The IDG Connect research is compelling since it captures the security challenges businesses are continually facing,” said Dana Torgersen, senior product marketing manager with Malwarebytes, in the same press release. “Businesses deployed multiple cybersecurity defenses (e.g., firewalls, AV, VPNs, IPS) but still suffered cyberattacks from worms/viruses, APTs, phishing, ransomware and zero-day exploits which caused system downtime, loss of customer confidence, and theft of customer data. With their necks on the line, IT managers (72 percent) and CISOs (60 percent) will be responsible for upgrading their current security systems or investing in additional security solutions to reduce their exposure to evolving threats.”