Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests.

Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their technology didn’t detect the breach.

Other top causes (multiple responses were allowed) included a breach due to an attack on the organization’s supply chain (40 per cent); a missed vulnerability (40 per cent); an analyst missing an alert (38 per cent); and password misuse (36 per cent).

More significantly, the number of infosec leaders reporting the root cause of a successful cyber incident was lack of detection is increasing. Respondents said more than three years ago, technology not detecting an attack was the root cause of nine per cent of attacks. But in the past year it was the root cause of 22 per cent of attacks.

“It’s increasingly more likely technology cannot keep up with the attacker’s ability to penetrate their defenses,” the report concludes.

The study, called “The Mind of the CISO: Behind the Breach” interviewed 512 security leaders in medium to large organizations from 13 countries who have managed at least one major cybersecurity incident in the past five years.

Despite the seeming failure of technology to detect many breaches, respondents equally felt that people, processes, and technology needed an overhaul in the IT departments after a successful breach.

Many of those surveyed said in the aftermath of an attack, almost every process and technology was changed (multiple responses were allowed): Forty-six per cent of respondents said they got increased budgets, 44 per cent said they created regular reviews of capabilities, IT infrastructure and staffing, an equal number said they contracted with additional cybersecurity services such as incident response, 42 per cent said they rethought their overall cybersecurity strategy, and 41 per cent said they implemented new frameworks or standards.

Interestingly, few infosec leaders questioned found a successful breach of security controls was devastating to themselves. Ninety-one per cent of respondents slightly or strongly agreed they had an increase in motivation levels during the incident.

“Organizations need to prioritize building cyber resilience to prevent future attacks,” the report concludes. “This requires significant investment in the right people, processes, and technology solutions. As made evident in this research, CISOs are in need of additional resources and support, starting at the board level, to make the required investments, training, and overhaul needed to keep pace with the evolving threat landscape.

“New global regulations and legal ramifications in the wake of cyber incidents should help to prioritize the needs of CISOs moving forward, equipping them with the resources to effectively and efficiently manage cyber threats.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now