Cliff Notes to 3 Notable Cybersecurity Studies

trends in security analytics

There have been several new cybersecurity reports published since the beginning of the year. It’s hard enough to keep pace with security events, let alone the studies about the events, so we’ve put together a cliff note version for the time-strapped security professional.

Each section provides a link to the underlying source along with links to news and commentary around the study for additional review.

Interestingly, in mulling over the aggregate of data, the trend line appears to follow a trajectory like this:  incidents and breaches are up and so security budgets are shifting to address the business problem.

This post provides a short summary and a links to underlying sources recommended for additional reading.   Here are the cliff notes to these three cybersecurity studies:

1) Costs add up as Cyber Incident Volume Grows

More than 85% of executives experienced a cyber incident over the past year, per Dark Reading.  The data stems from the 2016/2017 Global Fraud and Risk Report by Kroll which commissioned Forrester Consulting to survey 545 executives.

It’s worth noting that an “incident” is not necessarily synonymous with a breach.  The Dark Reading report summed up the type of incidents this way:

  • 38% experienced theft or loss of intellectual property
  • 33% reported virus attacks
  • 26% experienced phishing attacks in email

Interestingly, the origin of many cyber incidents could belong to a familiar face. “Nearly half (44%) of respondents hold insiders responsible for cyber incidents; more than half (56%) say insiders were ‘key perpetrators’ of security problems.”

“Statistics prove that more risk exists within an organization,” wrote Ryan Francis, the managing editor of CSO. He put together a handful of tips on how to eliminate insider threats.

Technology trade publication eWeek honed in on the costs of such incidents.  The majority 57% reported the costs of such incidents costs enterprises 1-3% of revenue. Another 10% of respondents said the cost was 4-6% of revenue, and, alarmingly, 3% put the cost between 7-10% of revenue.

2) Data Breaches Set U.S. Record in 2016

There were more than a thousand U.S. data breaches in 2016, which was a 40% increase over the previous year and set an all-time record.  More specifically, a report by the Identity Theft Resource Center (ITRC) and CyberScout put that number at precisely 1,093 – well above the 780 breaches reported the previous year.

The organization has tracked breaches across five sectors since 2005.  The business sector experience the most breaches with 494 in 2016, while the financial sector experienced the least with 52.  The report suggested recent efforts to make breach information publicly available may have been a contributing factor to the spike.

In a news analysis for Light Reading, Security Editor Curtis Franklin places this into context:

“Regardless of the source, there’s no doubt that the number of records involved in data breaches in 2016 was huge. A quick scan through the list of breaches made public in 2016 (though the list includes some breaches that occurred in previous years) show more than 2.3 billion records revealed to unauthorized individuals. And those compromised records carry a steep cost. Per the 2016 Cost of Data Breach Study, Global Analysis conducted by the Ponemon Institute, the average cost per lost record is $158, with an average cost per breach of $4 million.”

Hacking, skimming or phishing “attacks accounted for 55.5 percent of breaches in 2016, an increase of 17.7 percent over 2015,” per reporting by eSecurity Planet.  “Accident exposures of information by email or online came in second at 9.2 percent, followed by employee error at 8.7 percent.”

The attackers were “sophisticated, extremely creative and dogged” in their pursuit of information, the target of which, appears to have shifted.  More than half (52%) involved social security numbers (SSN) which rose 8% over 2015, while roughly 13% targeted credit or debit card information, which was down 7% from the previous year.

“The spike in SSN exposures is in clear alignment with the surge of CEO spear phishing attacks, which target this type of information,” per the report.

3) Security Budgets Shift Towards Detection

Enterprises are increasingly concerned about existing cyber threats and are shifting their budgets to more thoroughly address detection, per an Anderson Research survey reviewed by Help Net Security.  Upwards of three-fourths of security budgets have been allocated to traditional breach prevention tools, but the findings indicate nearly half may soon be dedicated to detection tools.

“These numbers validate that organizations are adopting an ‘assumed breached’ security posture and are now looking to modernize their security infrastructure with tools that provide accurate in-network threat visibility and will improve their efficiency in post infection detection and response,” per the article.

Noteworthy statistics from the survey include:

  • 70.3% of respondents are more concerned about in-network threat detection than in previous years.
  • 51.9% say current security defenses reliably prevent cyber threats
  • 54.5% say lack visibility to threats inside the network
  • 52.2% say they receive too many false positive alerts
  • 59.2% say correlating attack information

“There have been too many breaches in the past to suggest that prevention tools alone can protect organizations,” per an online statement by Attivo Networks, which sponsored the survey.

Indeed, the hunt for threats already inside the firewall appears to be on.  As our own CEO, John Trauth, recently remarked:

“The reality is threats already exist inside the firewall leaving organizations at risk and security analysts with the near impossible task of keeping up in a complex infrastructure. IT Security must layer in new methods of detection aimed at the east-west traffic to mitigate threats and reduce complexity, dwell time and time to containment.”

* * *

What do you think? Will a shift in cybersecurity focus and investment to detection help ensure the final tally for this falls short of the records set last year?

If you enjoyed this post, you might also like:
Breaking Down 6 Cybersecurity Salary Surveys: What’s a Security Pro Worth in 2019? 

Photo credit: Flickr, Blogtrepreneur, Hacker (CC BY 2.0)

Back to Blog


Bricata Included as a Representative Vendor in a new Market Guide for Intrusion Detection and Prevention Systems by Gartner, Inc.
“IDS is still a widely deployed use case. Despite claims of IDS being dead, it is alive and well, and in use by a large percentage of Gartner clients,” wrote Gartner analysts.
+ +