If your client thinks they are more at risk of a cyberattack in the future, they may not be imagining things.
According to a recent survey from global cybersecurity company Trend Micro, 80% of global organizations report they are more likely to experience a data breach that impacts customer in the next 12 months. And among the four regions surveyed, North America has the highest risk level compared to the other three regions (Latin America, Europe and Asia-Pacific).
“This was due to North America having a lower perceived readiness than the other regions,” said Trend Micro’s biannual Cyber Risk Index report, produced by the Ponemon Institute and released earlier this month.
The report measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attack. More than 3,600 businesses of all sizes and industries were polled across the four regions in the first half of 2021.
Looking at North America specifically, 84% of those polled expect a data breach of customer records within the next 12 months compared to 74% last year. Seventy-eight per cent also suffered cyberattacks involving infiltration of organizations’ networks and/or enterprise systems in the past 12 months versus 66% previously.
“Once again, we’ve found plenty to keep [chief information security officers] awake at night, from operational and infrastructure risks to data protection, threat activity and human-shaped challenges,” said Jon Clay, vice president of threat intelligence for Trend Micro, in a press release. “To lower cyber risk, organizations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive, connected platforms.”
Organizations ranked the top three negative consequences of an attack as customer churn, lost intellectual property and critical infrastructure damage/disruption. The top cyber risks highlighted were:
Man-in-the-middle attacks (when data is sent between a computer and a server, a cybercriminal can get in between and spy)
Phishing and social engineering
Fileless attack (abusing tools built in to the operating system to carry out attacks)
Botnets (a collection of internet-connected devices infected by malware that allow hackers to control them).
“The main challenges for cybersecurity preparedness include limitations for security leaders who lack the authority and resources to achieve a strong security posture, as well as organizations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure,” Trend Micro said in the release.