Cyber Security Teams Worry Most About Phishing & Ransomware

Nearly 90% of security professionals are most concerned about phishing and ransomware attacks. This is especially alarming, as only 48% confirm that they have continuous visibility into the risk area of phishing, web and ransomware, a report by the cyber security experts at Balbix reveals. 
 
Organisations and their IT staff have to battle a variety of cyber threats in their quest to keep their businesses and resources safe and secure. But some threats are more pervasive and challenging than others. In their report, Balbix looks at the top threats cited in a survey of security professionals.
 
The 2020 State of Enterprise Security Posture Report reveals that cyber security teams are struggling with a lack of visibility into threats, endpoint devices, access privileges, and other key security controls necessary for a robust cyber security posture.
 
The report is based on the results of a comprehensive online survey of IT and cyber security professionals in the US, conducted in May 2020 to identify the latest trends and concerns in the cybersecurity community.  The respondents range from technical executives to IT security practitioners, representing a balanced cross-section of organisations of varying sizes across multiple industries.
 
The findings also determined that 64% of organisations are only, at best, somewhat confident in their security posture, and that the lack of visibility into security is the primary concern for organisations. Specifically, 46% find it hard to tell which vulnerabilities are real threats vs ones that will never be exploited. 
 
Limited visibility of the overall attack surface (37%) and the burden of being inundated with far too many alerts to act upon (25%) were found to be additional significant concerns.
 
The report shows that security professionals remain burdened by the challenge of maintaining clear observation and visibility of the changing digital landscape.
 
Additional Report Findings
  • The second biggest security threat faced by organisations, after phishing, web and ransomware attacks, is unpatched systems (53%); misconfigurations (47%) follow as the third main risk driver
  • 68% list unpatched systems as the top area that they have continuous visibility into, followed by identity and access management (59%) and phishing, web and ransomware (48%)
  • Only 13% of cyber security leaders feel like presentations to the board go very well and that the board understands the cyber risk posture of the enterprise
  • 60% of organisations have knowledge of fewer than 75% of the assets on their networks, with most claiming only spotty understanding of business criticality and categorisation
  • 80% of organisations provide more access privileges than are necessary for users to do their jobs, unnecessarily adding substantial risk to their organisations
  • Only 58% are capable of determining all vulnerable assets within 24 hours following news of critical exploits

To solve this challenge, enterprises must start with gaining continuous, comprehensive visibility of real risks to their organisation, including not only where they have weaknesses or vulnerabilities, but also whether those weaknesses are likely to impact them.
 
HelpNetSecurity:        Balbix:       TechRepublic:       Dark Reading
 