Trend Micro revealed that 43 percent of surveyed organizations have been impacted by a Business Process Compromise (BPC). Despite a high incidence of these types of attacks, 50 percent of management teams still don’t know what these attacks are or how their business would be impacted if they were victimized.
In a BPC attack, criminals look for loopholes in business processes, vulnerable systems and susceptible practices. Once a weakness has been identified, a part of the process is altered to benefit the attacker, without the enterprise or its client detecting the change. If victimized by this type of attack, 85 percent of businesses would be limited from offering at least one of their business lines.
It’s not a matter of “if” companies will become a victim of a cyberwarfare or cybersecurity attack but “when,” as both types of attacks grow more sophisticated daily, putting millions–or billions–of company dollars, reputations, and data at risk. In a recent survey by Tech Pro Research, only 28% of the survey’s 248 respondents were not a victim of some form of security attack.
Interestingly, 86% of respondents were highly or moderately concerned with cyberwarfare attacks more than they were with general security risks. In a similar survey conducted in 2016, only 14% of respondents were slightly worried about cyberwarfare; 16% weren’t worried at all.
Read more about the findings of the survey by Tech Pro Research on ZDNet.
In its 2018 Strategic Security Survey (registration required), Dark Reading polled some 300 IT and security leaders and found that more organizations, not fewer, expect to face data breaches in the coming year compared with the previous year’s survey. Moreover, the companies believe they’re not fully ready to protect their data against intruders.
A large proportion of respondents expect that staffers with privileged access might be the source of a breach, but they’re also wary of attackers from outside mounting one of many sophisticated new attacks. A growing attack surface, distributed denial-of-service extortion, targeted attacks, and ransomware are contributing to the unease that many organizations sense.
Read more about the findings of the new survey on DarkReading.
Smartphone access is integral for many employees to perform their jobs, and giving workers the freedom to choose their own devices as well as permitting the use of personal devices for work purposes are now concessions made by IT departments nationwide.
A recent report from security firm Bitglass surveyed IT experts, and found that 85% of organizations enable BYOD policies, citing employee mobility (74%) and employee satisfaction (54%) as the top two reasons for allowing BYOD. However, the convenience of BYOD creates a particularly large attack surface for malicious actors to harvest information from these organizations.
Read more about the findings of the Bitglass survey on TechRepublic.
While 50 nations and 150 global companies gathered in Paris last week to boost the call for better cybersecurity, European IT security professionals this week are registering their concerns that the region isn’t ready for an anticipated attack on critical infrastructure. The 2018 Black Hat Europe Attendee Survey found that nearly two-thirds (65%) of security pros in Europe believe a successful cyberattack affecting the critical infrastructure of multiple EU nations will occur in the next two years.
And concerns are not limited to critical infrastructure. Some three-quarters of European security pros said a major data breach will occur in their own organizations in the coming year.
Read more about the findings of the Black Hat survey on DarkReading.
The frequency with which Americans worry about becoming the victim of a variety of different crimes is similar to last year, as they remain much more likely to fear being victimized by cybercrimes than traditional crimes. Of the 13 crimes measured, only two garner majority-level concern from Americans — 71% say they frequently or occasionally fear that computer hackers will access their personal, credit card or financial information and 67% worry this often about identity theft.
Gallup has gauged Americans’ frequency of worry about a host of crimes annually since 2000, most recently Oct. 1-10. The rank order of the crimes most worrisome to Americans has been generally quite stable since 2009 when Gallup first included worry about identity theft on the list.
Despite an increased focus on cybersecurity awareness in the workplace, employees’ poor cybersecurity habits are getting worse, compounded by the speed and complexity of the digital transformation. Of the 1,600 global employees Vanson Bourne surveyed, 75% of respondents admitted to reusing passwords across accounts, including work and personal.
Organizations are at varying stages of the digital transformation, and that evolution has presented an increasingly complex IT environment to manage securely. Yet the survey findings points to a workforce who are less committed to security best practices.
A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don’t fully understand the risks or how widespread the threat is. The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.
Only five percent of respondents realize that phishing is the at the start of over 90 percent of successful breaches. And despite multi-level security controls and phishing awareness training for employees, most organizations remain unaware of their increasing vulnerability to these threats.
Read more about the findings of the SlashNext survey on BetaNews.
Despite almost half of U.S. consumers (49 percent) believing their security habits make them vulnerable to information fraud or identity theft, 51 percent admit to reusing passwords/PINs across multiple accounts such as email, computer log in, phone passcode, and bank accounts. That is according to Shred-it’s Consumer Fraud Awareness Survey.
Consumers are not only putting their digital security at risk, but their habits toward physical information security also make them vulnerable to fraud or identity theft. While nearly two in 10 consumers (17 percent) are concerned that they could fall victim to a physical security breach, nearly three in 10 consumers (27 percent) admit they do not shred paper or physical documents containing sensitive information before throwing them away.
There is a high level of concern among consumers about the risks associated with cybercrime from their smart devices, and one in four claims to be a victim of a cyberattack. Yet, the vast majority of consumers are unaware of what they can do to protect themselves or feel they’ve already taken sufficient safety measures, according to Grange Insurance.
One in four consumers have never taken safety measures against cybercrime, the survey found. Lack of awareness and believing existing measures are sufficient are the top reasons for not taking more safety measures.