While cybersecurity is a major concern for most companies, many still won’t be able to tell if their endpoints (opens in a new tab) was compromised or not. However, this news may not be as bad as it seems.
Cybersecurity researchers from Nozomi Networks found that more than a third (35%) of businesses are unaware if their organization has been compromised. However, last year this figure was 48%, indicating a significant improvement in visibility.
In addition, a quarter (24%) were confident that they would not be involved in an accident this year, double the number from the same period last year.
More money, less accidents
Overall, the number of respondents admitting to being affected by a data breach in the past 12 months fell from 15% to 10.5% last year. A third of them (35%) noted mechanical engineering workstation was the initial carrier of the infection (doubled against 18.4% last year).
The report’s authors suggest that all of these improvements appear to be coming from rising cybersecurity budgets. Two-thirds (66%) named their control system security (opens in a new tab) budget has increased over the past two years (up from 47% a year ago), with 56% saying they are able to detect a compromise within 24 hours (up from 51%). More than two-thirds (69%) can now go from detection to containment within 6-24 hours.
Almost nine in ten (87.5%) have audited their OT/management systems or networks for security issues in the past year (compared to 75.9%) and a third (29%) have implemented a program of continuous assessment. Many monitor the security of their OT system (83%), with 41% using a dedicated OT SOC.
“In the past year, Nozomi Networks researchers and the ICS cybersecurity community have witnessed attacks like Incontroller that go beyond traditional targets in enterprise networks to directly target OT,” said Nozomi Networks Co-Founder and CPO Andrea Carcano.
“As threat actors hone their ICS skills, specialized technologies and frameworks for robust defense are available. The survey showed that more organizations are actively using them. Still, there is work to be done. We urge others to take action now to minimize risk and maximize resilience,” Carcano concluded.
https://www.techradar.com/news/some-businesses-cant-even-tell-if-theyve-been-hit-by-hackers/
