Mid-market organizations in the UK suffered significant financial and operational damage as a result of cyberattacks in 2021, and want to see fundamental change to how cybersecurity is designed and run, Censornet research reveals.
33% of mid-market organizations suffered an outage that knocked them offline for more than a day. Only half were able to prevent malicious attachments from reaching users’ inboxes. Shockingly, 21% were forced to pay hackers to deactivate ransomware. As a result, the top wish for cybersecurity in 2022 was to see security vendors open up traditionally closed point products to enable an automated response to cyberattacks.
Gathering insights from 200 UK-based IT and security leaders, covering ten different industries in both the public and private sectors, the research explored the biggest attacks of 2021, the challenges facing the mid-market and their plans for investment in 2022.
“For the UK mid-market, the cybersecurity situation is serious,” said Ed Macnair, CEO at Censornet. “The financial and reputational cost of cybercrime is rising, putting more pressure on overwhelmed professionals, who are tackling hundreds of alerts a day from siloed point products. Organizations must work smarter, not harder. Only when security systems work seamlessly together, faster than humanly possible, will we see the needle begin to move in the right direction.”
Cyberattacks causing major damage to mid-market organizations
The report reveals that despite concerted efforts to protect themselves, mid-market organizations continued to feel the sting of cyberattacks in 2021 – often due to cross-channel attacks, which only 37% of organizations felt they had the ability to prevent. These incidents were driven in part by the unwitting insider threat: 17% of all respondents reported serious attacks after employees opened suspicious or malicious emails, with that number rising to 28% for businesses turning over more than £51 million.
Ransomware also posed a particularly serious threat, with 69% of organizations feeling unable to protect themselves against it. Of those that suffered a ransomware attack and paid the ransom, the average pay-out was £144,000, with 7% of those handing over more than £500,000.
These vulnerabilities are also worsening in severity as more workers work remotely. 51% of mid-market organizations said they had not purchased cybersecurity products designed to specifically protect against threats for hybrid and remote workers.
Overcomplicated security driving high levels of stress
The research reveals that organizations are investing in large numbers of point products to tackle their risk. The average number of security products managed in a single organization stands at 24. 27% are managing more than 31 security products at once.
As a result, on an average day, 716.4 cybersecurity alerts are generated. Each security professional has to investigate over 35.3 security alerts every hour and has just 102 seconds to assess what is a genuine threat. Not only that, but 38% of mid-market security staff said they had received a call in the middle of the night to investigate a cybersecurity incident.
This flood of alerts and out-of-hours demands translates into 47% of professionals feeling overwhelmed, with that figure rising to 59% in the public sector. It’s not hard to see why: 9% of cybersecurity staff say they suffered from sleep deprivation due to cybersecurity concerns, with the average amount of sleep standing at 5.7 hours per night, considerably less than the seven hours or more recommended by the NHS.
Automation and integration key to improving situation in 2022
In response to the challenges that organizations are facing, respondents indicated a clear need for fundamental change in the way cybersecurity is designed and run over the next year.
46% want security vendors to open up traditionally closed point products to enable automated response to cyber threats and/or cyber attacks. In line with these needs, 76% of organizations said they plan to invest in a cloud-based security platform that allows their security products to autonomously share security event data to better protect their organization.