Vulnerabilities in third-party applications, ransomware, out-of-date security technology and process weaknesses were the leading causes of breaches of security controls in organizations, according to a recent international survey.
The data is part of the fourth Global Security Insights survey by VMware in December of 3,542 CIOs, CTOs and CISOs in 14 countries, including Canada, which was released Thursday. (Registration required)
Interestingly, those four vectors each were blamed for causing about 14 per cent of reported breaches, meaning combined they accounted for 56 per cent of the incidents at the organizations of respondents. The next nearest cause was operating system vulnerabilities, which accounted for eight per cent of breaches.
“The race to adopt cloud technology since the start of the pandemic has created a once-in-a-generation chance for business leaders to rethink their approach to cybersecurity,” Rick McElroy, WMware’s principal cybersecurity strategist, said in a statement accompanying the report. “Legacy security systems are no longer sufficient. Organizations need protection that extends beyond endpoints to workloads to better secure data and applications. As attacker sophistication and security threats become more prevalent, we must empower defenders to detect and stop attacks, as well as implement security stacks built for a cloud-first world.”
Among the findings:
- 81 per cent of those surveyed said their organization had suffered a breach of security controls. Of them, they had suffered an average of 2.5 breaches in 2020. 82 per cent said the breaches were material.
- 78 per cent said cyber attacks had increased due to more employees working from home.
- There is a suggestion, according to the report’s authors, that security professionals have underestimated the likelihood of a material breach. Only 56 per cent say they fear a material breach in the next year, and just over one-third (41 per cent) have updated their security policy and approach to mitigate the risk.
- Ransomware made up 9 per cent of all attacks last year, compared to
just 4.5 percent in the June, 2020 Security Insights survey. - Cloud-first security strategies are now universal with 98 per cent of respondents saying they already use or plan to use a cloud-first security strategy. But the move to cloud has expanded the threat surface. Nearly two thirds agree they need to view security differently now that the attack surface has expanded. 43 per cent of respondents said they plan to build more security into their infrastructure and apps and reduce the number of point solutions.
- 63 per cent of respondents agreed they need better visibility over data and apps in order to pre-empt attacks.
- Security concerns are holding back adoption of AI, the report argues. More than half of respondents said that security concerns are holding them back from embracing AI and machine learning.
Among the report’s recommendations:
- Organizations must prioritize improving visibility into all endpoints and workloads to secure the remote work environment. Robust situational intelligence that gives context to threats will help defenders prioritize and remediate risk with confidence.
- Organizations need to combine advanced ransomware protection with robust postattack remediation that detects the continued presence of adversaries in their environment.
- Organizations must identify the critical changes to processes and technology needed to support remote and hybrid workers to work securely and reduce risk.
- Endpoint and network controls must be delivered as a distributed service. This means delivering security that follows the assets being protected, no matter what type of environment you have.
- Organizations must prioritize securing cloud workloads at every point in the
security lifecycle as they shift to the cloud.