A new 1E and Vanson Bourne survey conducted among IT and cybersecurity executives in the US and the UK highlights the continued failure of many companies to combat cyber threats, despite increasing security awareness and investments. The report shows that six out of ten organizations experienced a breach in the past two years, while almost one-third (31%) were hit multiple times.
1E CEO Sumir Karayi believes that CIOs and CISOs are often to blame for hacks and breaches because “the vast majority of successful attacks today are using known vulnerabilities in well-known software that have been patched already by software vendors,” and stopping those attacks is a simple matter of patching vulnerable systems. However, 93% of companies struggle to keep endpoints secured due to budget limitations, problematic working relationships between IT and infosec departments, and the presence of legacy systems.
The most common causes of breaches identified by the study include the absence of a proper security strategy (52%), unpatched systems (51%), poor collaboration between IT Security and IT Operations (42%), and a lack of patch automation (40%). The report also warns that “breaches are becoming more frequent and more damaging,” in large part because the booming underground economy on the dark web has made it easier for threat actors to make money from stolen data.
Read more: New Cybersecurity Report Warns CIOs — ‘If You’re Breached Or Hacked, It’s Your Own Fault’