- Organizations spend more in cybersecurity, but that does not mean that they are confident
- 67% of companies have experienced data security violation in the past 24 months
- Almost a third party has suffered a data violation
Most companies (67%) have experienced a data violation in the past 24 months, despite an increase in spending, according to new Sentera research, with 24% violation in the last 12 months and 43% in the last 12 months.
During these violations, the most common disturbance suffered was unforeseen downtime, with 36% of the organizations raped affected. Many companies have also undergone a data violation (30%) and financial loss (28%), showing how damaging security can be.
Among those who disclosed the impacts of the violation, a shocking of 76% reported an impact on confidentiality, integrity and / or availability of their data – with only 24% reporting no significant impact.
Low confidence
Confidence in the support of cyber in the private sector is low, with only 14% confident in the support of the cybersecurity of their government – with 64% of CISOs indicating that the government provides aid to protect the private sector, but it is not enough.
US companies have spent an average of $ 187,000 per year on penetration tests, or “ Pensesting ”, simulating cyber attacks against their own systems to test vulnerabilities – this represents just over 10% of total computer security budgets, but more than 50% of CISOs say they will increase this in 2025.
Changes in the company’s infrastructure, such as additional users, new configurations and authorization updates, occur at a much faster rate than security validation, with 96% of American companies’ reports making such modifications “at least one quarterly, but only 30% are at the same frequency”, suggests the report.
“The pace of change in corporate environments has made traditional test methods unsustainable,” Jason Mar-Tang, Ciso Field in Pentera, told.
“96% of organizations make changes to their IT environment at least quarterly. Without automation and validation focused on technology, it is almost impossible to follow.
