Cybercriminals Are Outspending UK Firm’s Security Teams By Ten to One
Almost all UK businesses admit being breached by cyberattacks in past year, according to a Carbon Black security report.
As many as 92% of UK companies have been breached in the past 12 months and almost half (44%) have been breached between three and five times.
This is according to a cybercrime report from endpoint security specialist Carbon Black, titled ‘Hacking, Escalating Attacks and The Role of Threat Hunting’.
The research showed that cyberattack frequency has risen, with 82% of UK businesses reporting an increase in attempted attacks during the past year. Perhaps more alarming is that 91% of surveyed UK businesses said attacks are becoming more sophisticated, leveraging techniques such as lateral movement, counter incident response, and island hopping.
The report states that spear phishing, ransomware, weak security processes, outdated software, commodity malware, crypto jacking, and supply chain attacks are all contributing to data breaches in the UK.
It also highlights a major discrepancy in cybersecurity versus cybercrime investment. Cybercriminals are spending approximately £768 billion on developing cyberattack weapons annually. Conversely, defenders are spending about £74 billion, meaning attackers are outspending defenders by a ratio of more than 10 to one.
Only one in 20 UK businesses in the survey reported being aware of this major gap and almost two thirds of surveyed UK businesses are only planning modest increases in cybersecurity budgets in the coming year.
The news is not all bleak, though. Two thirds of UK organisations in the survey said they have pro-actively conducted threat hunting in the past year to strengthen their defences. Within companies that actively threat hunt, more than 90% said threat hunting had toughened their defences.
Tom Kellermann, chief cybersecurity officer, Carbon Black, said: “The stats clearly show that defenders are not keeping up with attackers’ spending. The fact that 92% of UK companies have experienced a breach in the last year and nearly half have been breached multiple times is sobering. It’s critical to educate UK businesses on the threats they face and how these threats can be mitigated.”
Carbon Black commissioned independent researcher Opinion Matters to conduct the survey in August 2018. More than 250 UK CIOs, CTOs and CISOs were surveyed from companies from a range of vertical industries including financial, healthcare, government or local authority, retail, manufacturing, food and beverage, oil and gas, professional services, media and entertainment.