In 2014, 71 percent of respondents’ networks were breached with 22 percent of them victimised six or more times.
In surveying more than 800 security decision makers and practitioners, CyberEdge found that more than 70 percent of respondents’ networks had been breached in 2014 — up from 62 percent in 2013 — with more than 20 percent breached six times or more.
For the first time, a majority of respondents (52 percent) now believe a successful cyber attack is likely in the coming year — up from 39 percent in last year’s report.
No shortage of cyberthreat challenges. In 2014, 71 percent of respondents’ networks were breached with 22 percent of them victimized six or more times. This is a significant increase from the preceding year, which saw 62 percent of respondents’ networks breached, with 16 percent of them victimized by six or more successful cyberattacks.
Waking up to a new reality. A majority (52 percent) of respondents felt that a successful cyberattack against their network was likely in the next 12 months, compared to just 39 percent in 2013.
Phishing, malware, and zero-days top of mind. Of 10 designated categories of cyberthreats, phishing/spear-phishing, malware, and zero-day attacks are perceived as posing the greatest risk to responding organizations. Denial of service attacks, watering hole attacks, and drive-by downloads are of least concern.
Security spending continues to rise. Survey results indicate that 62 percent of respondents expect their security budgets to increase this year, up from 48 percent last year. Respondents also indicate that, on average, 6-10 percent of their organizations’ IT budgets are spent on security, with one in five organizations spending 16 percent or more.
Enterprise mobility management holds firm. For the second straight year, mobile device and application management (MDM/MAM) is the top mobile security solution respondents plan to implement in the next 12 months. This is no surprise as nearly six in 10 participants saw a rise in mobile device threats in the preceding 12 months.
Security analytics in top demand. Security analytics / full-packet capture and analysis is the most commonly cited network security technology planned for future acquisition, followed by threat intelligence services and next-generation firewalls.
Fed up with inadequate endpoint defenses. A whopping 67 percent indicated their intent to evaluate alternative endpoint anti-malware solutions to either augment (34 percent) or replace (33 percent) their existing endpoint products. This number is markedly up from 56 percent in last year’s survey.
Continuous monitoring now mainstream. Half of those surveyed rely on continuous monitoring technologies for discovering network assets, achieving policy compliance, and mitigating vulnerabilities and security misconfigurations. This is a positive trend for the industry, as only 38 percent of respondents conduct full-network scans more often than quarterly.
“A key takeaway from this year’s Cyberthreat Defense Report is the dramatic rise in mobile device threats,” said Kurt Roemer, chief security strategist at Citrix.