Businesses Are Not Well Prepared to Deal with Serious Security Breaches

A recent survey conducted by Vanson Bourne on 600 IT decision makers has revealed confidence in the ability to respond to a serious data breach is low.

77% of respondents did not believe they were extremely well prepared to deal with a major data breach, which is especially worrying considering 60% of respondents said they had experienced such a breach in the past two years. Just under a third (31%) of respondents said they had experienced more than one serious security breach in that time period.

Digital transformation and the implementation of new technology is vastly outpacing security policies. On average, organizations only have visibility into 64% of their total software estate and 66% of that software is current. 80% of respondents felt that digital transformation increases security risks.

One of the main areas of security concern is remote workers. It is becoming increasingly common for employees to spend at least some of their week working remotely. Remove workers increase security risk, yet many businesses do not have the necessary policies, procedures, and technology in place to address those risks. 77% of respondents said remote workers will continue to be a cause for security concern until their organization finds a method of securing remote workers’ devices and applying patches.

Another issue highlighted by the survey was IT operations and IT security teams often do not work well together. 97% of respondents said they would benefit from greater collaboration between the two teams. Only 23% said both teams work very well together.

In order to improve security posture, greater investment is needed in cybersecurity. The main areas where further investment is required is automation of software migration (80% of respondents), breach response and mitigation (67% of respondents), and software patching (65% of respondents).

Another survey, conducted by AppRiver, found that fear of imminent cyberattacks increases with company size. Its survey was conducted on 1,045 SMBs in April 2019.

Overall, 40% of C-level executives at SMBs said they feel vulnerable to an imminent cyberattack. 52% of larger SMBs with between 150 and 250 employees felt vulnerable to an imminent cyberattack. Fear was highest in the technology, finance, and insurance industries, with 55% of respondents stating they felt vulnerable to an imminent cyberattack. That fear is not unfounded. 69% of all surveyed SMBs said they had been targeted in a cyberattack in the past three months.

One of the most common reasons why SMBs contact AppRiver is to improve security following a successful BEC attack where money has been sent to cybercriminals in a fraudulent wire transfer. According to AppRiver, the average amount lost via fraudulent wire transfers as a result of BEC attacks is $130,000. One new client had recently lost $1,000,000 to such a scam.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of