A recent global study by Willis Towers Watson and ESI ThoughtLab explores the dangers posed to enterprises by cyber criminals. On average, firms lose $4.7 million to cyber criminals annually. Additionally, 10% of firms lose more than $10 million due to cyber attacks.
Moreover, the percentage of enterprises suffering from cyber criminals’ attack tactics increased from 57% to 71%.
Cyber Criminals: Tactics and Vulnerabilities
Indeed, the study by Willis Towers Watson and ESI ThoughtLab only confirms the recent slate of studies indicating the dangers posed by cyber criminals.
According to the Verizon 2019 Data Breach Investigations Report:
- Ransomware constitutes almost 24% of security incidents.
- External threat actors contribute 69% of all breaches.
- Insider threats contribute 34% of breaches.
Meanwhile, according to the Grand Theft Data II –The Drivers and Shifting State of Data Breaches report by McAfee:
- 61% of IT professional respondents said they experienced a data breach at their current enterprise.
- Nearly three-fourths of data breaches in 2018 required public disclosure.
- Malware-driven theft increased from 23% in 2015 to 29% in 2018.
- Also, 52% of all breaches or leakages involve enterprise IT departments or security departments.
What Does This Mean For SIEM?
The growing average costs of enterprise data breaches directly correlates with increased hacker dwell times. In fact, the longer hackers can inhabit your network undetected, the more damage they can wreak. Also, the longer they dwell, the more serious the consequences regarding compliance mandates and lost customer trust.
However, the issue with dwelling threats is they could hypothetically dwell anywhere in your enterprise infrastructure. As enterprises increasingly migrate to the cloud or embrace hybrid environments, maintaining visibility over the entire network proves increasingly challenging.
If your enterprise struggles with network visibility, you should consider deploying a next-generation SIEM solution. SIEM allows you to compile logs from the most sensitive network areas, normalize them, and analyzes them for security correlations. Additionally, if it detects a potential security incident, it can alert your IT team, shortening investigation and remediation times.
Latest posts by Ben Canner (see all)
- 5 Key Security Analytics Capabilities for Security Operations Centers - October 17, 2019
- 40 Percent of Security Practitioners Don’t Report to the Board - October 15, 2019
- What Do SIEM Components Actually Do For Enterprises? - October 10, 2019