Phishing emails impacted one in two Indian organisations that were hit by a cyber attack, according to a new survey by global cyber security company Sophos.
The survey, The Impossible Puzzle of Cybersecurity, reveals IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology.
The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
The Sophos survey shows how attack techniques are varied and often multi-staged, increasing the difficulty to defend networks. One in six IT managers surveyed didn’t know how they were breached, and the diversity of attack methods means no one defensive strategy is a silver bullet.
“Cybercriminals are evolving their attack methods and often use multiple payloads to maximize profits. Software exploits were the initial point of entry in 41 percent of incidents, but they were also used in some fashion in 35 percent of all attacks, demonstrating how exploits are used at multiple stages of the attack chain,” said, Sunil Sharma, Managing Director-Sales, Sophos India & SAARC.
“Organizations that are only patching externally facing high-risk servers are left vulnerable internally and cybercriminals are taking advantage of this and other security lapses.”
The wide range, multiple stages and scale of today’s attacks are proving effective. For example, 54 percent of those who fell victim to a cyberattack were hit by a phishing email, 39 percent by ransomware and 48 percent said they suffered a data breach.
Based on the responses, it’s not surprising that 50 percent of IT managers consider software exploits, unpatched vulnerabilities and/or zero day threats as top security risks, while 43 percent consider phishing as a security risk.
With cyberthreats coming from supply chain attacks, phishing emails, software exploits, vulnerabilities, insecure wireless networks, and much more, businesses need a security solution that helps them eliminate gaps and better identify previously unseen threats. Sophos Synchronized Security, a single integrated system, provides this much needed visibility to threats by integrating Sophos endpoint, network, mobile, Wi-Fi, and encryption products to share information in real-time and automatically respond to incidents.
The Impossible Puzzle of Cybersecurity survey was conducted by Vanson Bourne, an independent specialist in market research, in December 2018 and January 2019. This survey interviewed 3,100 IT decision makers in 12 countries and across six continents in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa. All respondents were from organizations with between 100 and 5,000 employees.