30% of attacked enterprises estimated their financial damage from cyber threats to be at least $50,000, compared to just 17% among organizations overall.
FRISCO, Texas, September 17, 2024 – Netwrix, a vendor that delivers effective and accessible cybersecurity to any organization, today revealed additional findings for the enterprise sector (organizations with more than 1,000 employees) from its annual global 2024 Hybrid Security Trends Report.
According to the survey, 84% of organizations in the enterprise sector spotted a cyberattack within the last 12 months, compared to only 65% in 2023. The most common security incidents are phishing, user or admin account compromise, and ransomware or other malware attack.
“The surge in the attack rates across organizations of all sizes, including the enterprise sector, may indicate that threat actors found AI automation extremely beneficial. With the introduction of AI, sending a massive number of phishing emails and probing systems and services for vulnerabilities is only a matter of orchestration on those platforms operated by cybercriminals. Constant pressure stresses the security teams and might lead to reduced and worn-out protection levels. To ease this burden, organizations should consider involving third-party investigators as a part of their incident response plan. It will help offload the internal security team when dealing with an ongoing attack,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.
For 53% of attacked large organizations, a security incident resulted in additional unexpected expenses to fix security gaps. Each fifth enterprise faced compliance fines (22%) and a reduced competitive edge (21%). Moreover, 30% of enterprises estimated their financial damage from cyber threats to be at least $50,000, compared to just 17% among organizations overall.
“Typically, large enterprises have already implemented the basic security controls and thus must address more complex and costly issues in the aftermath of an attack. Where a smaller organization may have a quick fix available and can accept certain risks, enterprises must invest in the security team, process changes, and tooling to close even the smallest gaps exploited by the attacker,” says Ilia Sotnikov, Security Strategist at Netwrix.