Over two-thirds (68%) of organizations say they suffered a cyberattack at some point during the last twelve months, new figures from Netwrix have claimed.
The cybersecurity firm polled 1,610 IT professionals from 106 countries and published the results in its annual global 2023 Hybrid Security Trends Report.
Besides the rising number of breached firms, the report also said that 16% of the victims estimated their financial damages to be up to $50,000. Furthermore, two in five (40%) of the victims had to cover unplanned expenses, while 10% suffered other serious consequences, including customer churn, fewer sales, and being surpassed by their competitors.
Insurance and security solutions
While many organizations are turning to cyber insurance to mitigate the risk, Netwrix’s researchers warn that they must do more to stay safe. Indeed, 44% of organizations are insured against cybersecurity incidents, with another 15% planning on purchasing a policy within the next 12 months. A quarter (22%) of those with a policy were forced to improve their cybersecurity posture in order to be eligible for the purchase.
“While cyber insurance has value, it’s vital to remember that it is no substitute for strong security. After all, while insurance pay out can defray the financial impact of a security incident, no policy can restore an organization’s data, operations, or reputation,” Dirk Schrader, VP of security research at Netwrix, said.
Of all the different endpoints (opens in new tab) on the threat landscape, hackers are gravitating towards on-prem infrastructure rather than the cloud. This difference is most expressed in ransomware attacks, the report further claims, with almost twice as many ransomware infections on on-prem environments (37%) compared to the cloud (19%).
“On-prem environments are more vulnerable to attacks than software-as-a-service (SaaS) systems because they often have sprawling privileges on the infrastructure level. For example, users might have administrative rights on their computers and service accounts often have elevated rights. Malicious actors can abuse these standing privileges to spread malware quickly across on-premises systems,” Dmitry Sotnikov, VP of product management at Netwrix, added.