Over 60% said they have seen an increased number of attacks, which correlates with publicly available data breach statistics. However, a significant number of companies have noticed no change, and around 5% of respondents even reported a decrease in security threats.
Of course, this may be true for a number of the best-in-class companies who have implemented better threat detection solutions. However, for others it may simply be another indication that they lack the required level of visibility into their own networks, or a result of the increased sophistication of modern advanced cyber attacks.
When these numbers are broken down by the industry, a few interesting results can be observed. First of all, it was the manufacturing companies that have reported the biggest increase in security attacks on their infrastructures. Combined with their traditionally weak defenses against cyber-attacks, this may indicate increasing chances of an industrial disaster caused by hackers turned cyber-terrorists. However, the very fact that the companies are increasingly aware of these prospects may show hope that they will finally start adopting more consistent information security strategies, thus breaking the decades-long dependence on “security by obscurity”.
Somewhat disturbingly, retail and services organizations were among those least concerned about the growing number of security threats. Considering the large number of recent high-profile data breaches of large retailers and online services, this indicates that some companies are still willing to learn exclusively from their own mistakes.