Kaspersky Lab Survey: IT Security Experts Uncertain on How to Combat Targeted Attacks

Woburn, MA – November 2, 2017 – Kaspersky Lab announced today a new report, “New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks,” which found that businesses realize a security breach will happen to them at some point (57 percent vs. 51 percent last year), but they remain unsure of the most effective strategy to combat threats like targeted attacks (42 percent). Perhaps more worryingly, the study showed that uncertainty is significantly higher (63 percent) among respondents who are IT security experts and should, therefore, be more familiar with the issue.

Increasing uncertainty combined with complex attacks

Cybercriminals, as well as their skillsets and weapons, vary dramatically – from less sophisticated crooks that bully the least protected companies by striking at mass, to advanced military-like groups of hackers that target ‘big prizes’ with multi-layered operations that may not even involve any malware.

This year’s study reveals that targeted attacks have become one of the fastest growing threats in 2017, increasing in overall prevalence by 11 percent for large enterprises. In addition, two-thirds of respondents (66 percent) in the study agreed that threats are becoming more complex and for more than half (52 percent), it’s becoming difficult to tell the difference between generic and complex attacks.

The best incident response: technology, people and processes

Surprisingly, and despite the high level of uncertainty about their strategies, the majority of companies (77 percent) believe that they spend enough – or even overspend – on protection from targeted attacks. This is perhaps due to how threat protection is perceived: threats are sometimes merely seen as a technical problem to be solved through buying and deploying more advanced cybersecurity solutions. A more balanced approach to incident response, however, includes investing not only in the right technologies, but also in people with specific skillsets and in the right processes.

Technology is one of the most important parts in this combination. As the study shows, there is a clear need for security solutions that go beyond prevention and provide a more complete package, also adding a detection and response functionality. For example, 56 percent of businesses agree that they need better tools to detect and respond to advanced persistent threats (APTs) and targeted attacks.

This is especially true, given the fact that detection speed is crucial in reducing the financial impact of an attack. According to the report, in the last year, just a quarter (25 percent) of companies discovered their most serious security incident within a day; however, immediate detection significantly lowers the average cost of recovery – for example from $1.2 million for enterprises that take more than a week to detect the threat, to $456,000 for those that can detect a threat right away.

People are another crucial component with 53 percent of businesses agreeing that they need to employ more specialists with specific experience in IT security, namely in SOC management, incident response and threat hunting – this figure jumps to 61 percent among enterprises. This is not surprising, as a lack of internal experts increases a company’s exposure to targeted attacks by 15 percent, and also increases the average financial impact of an attack on enterprises – from $930,000 to $1.1 million.

Overall, to be able to effectively combat complex cyberthreats, organizations also need to think about incident response as a process, not a destination. This means that there’s a need for a comprehensive incident investigation framework, comprised of always-on monitoring, advanced detection and critical security event mitigation.

“Now that companies are starting to realize that cybersecurity breaches are a real risk to their business continuity, it’s time to give incident response the attention it deserves,” says Alessio Aceti, head of the enterprise business division, Kaspersky Lab. “It can no longer be a small part of the IT security department’s responsibilities, and should instead involve strategic planning and investment at the highest level. For organizations, this doesn’t mean becoming risk-free but it will certainly help to become risk-ready and survive a serious breach when it happens.”

To read more about incident response strategy, please visit our blog. The full report ‘New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks’ is available here.

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact:
Denise Bertrand
781.503.1836
Denise.Bertrand@kaspersky.com