Research: One-Third of Organizations Forced to Change Leadership as a Result of a Cyberattack

Research: One-Third of Organizations Forced to Change Leadership as a Result of a Cyberattack

IT and security leaders must address, on average, one cyberattack per week according to a new study released titled “The State of Data Security” by Rubrik Zero Labs. Rubrik, the Zero Trust Data Security Company, commissioned a study from Wakefield Research to gather insights from more than 1,600 security and IT leaders including CISOs, CIOs, VPs, and Directors across 10 countries. The findings exposed rising security risks for organizations, resulting in widespread damage to organizations and their IT and security teams.

Key findings of “The State of Data Security” by Rubrik Zero Labs include:

Cyberattacks Continue to Surge in Volume and Impact:

  • Nearly every leader surveyed experienced a cyberattack over the past year, and on average faced 47 attacks in that timeframe — or nearly one cyberattack per week.
  • 52% reported a data breach and 51% reported facing a ransomware attack in the past year.
  • Only 5% of organizations were able to return to business continuity or normal operations within one hour of discovering a cyberattack.
  • 48% of IT and security leaders reported to be concerned about data breaches (25%) or ransomware events (23%) as the top threat for the year ahead.

Organizations Are Losing Confidence in Their Ability to Withstand Attacks:

  • 92% of respondents are concerned they will be unable to maintain business continuity if they experience a cyberattack.
  • One third believe their board has little to no confidence in their organization’s ability to recover critical data and business applications after a cyberattack.
  • 76% of survey respondents reported their organization is likely to consider paying a ransom following a cyberattack.
  • 11% of IT and security leaders said they had not adequately addressed vulnerabilities from previous cyber events.

The Weight of Cybercrime Is Taking a Toll:

  • 96% of respondents reported experiencing significant emotional or psychological consequences following a cyberattack, ranging from worries over job security (43%) to loss of trust among colleagues (37%).
  • Approximately one third of respondents reported leadership changes as a result of a cyberattack.
  • Approximately one third of leaders surveyed said their IT and SecOps teams were either somewhat or not at all aligned when it came to defending their organizations.

“It’s clear from this research that cyberattacks continue to produce large impacts against global organizations and the effects are compounding,” said Steven Stone, Head of Rubrik Zero Labs. “In addition to this rise in frequency and impacts of cyber events, the individuals on the front lines are taking a psychological hit on their wellbeing. Trust is down and anxiety is up. Without a proactive and reliable approach to defend against modern cyberthreats and strengthen confidence in an organization’s ability to resolve these cyber events, these impacts - both human and organizational - will continue to worsen and feed each other. The good news is we’re also seeing pragmatic, proven strategies in this same space paying off and we can build off these approaches.”

“We often overlook the psychological dimension of cyberattacks and the chaos that tends to follow after discovering an incident,” said Chris Krebs, Former Director of CISA and Founding Partner of the Krebs Stamos Group. “The bad guys sure have figured it out, though, with criminals and state actors alike trying to generate emotional responses when they attack, as evidenced by the increase in criminal extortion efforts and hack and leak campaigns. In the end, IT and security leaders alike tend to take the blame for these cyberattacks. One of the most effective techniques I’ve seen to prepare for these types of attacks is to accept you’re going to have a bad day at some point, and your job is to ensure that it doesn’t become a “worse day.” This is why we need defenders across the spectrum to come together - sharing best practices, learnings after attacks, simulations, frameworks - so that we’re collectively strengthening our defenses and minimizing the psychological impact brought on by an attack.”

“The State of Data Security” comes from Rubrik Zero Labs, the company’s ​​new cybersecurity research unit formed to analyze the global threat landscape, report on emerging data security issues, and give organizations research-backed insights and best practices to secure their data against increasing cyber events.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.