Top Cybersecurity Practitioners Report the Greatest Cyberthreats of 2020
The annual Cyberthreat Defense Report (CDR) collects and analyzes responses received from 1,200 IT security decision makers and practitioners, with the help of the world’s top cybersecurity firms, including sponsor PerimeterX. This year’s report represents 19 digitally connected industries and 17 countries. The report presents vital stats and insights into organizations’ posture and preparedness for cybersecurity threats. Readers can use the report to benchmark their own organization against their peers.
Bad actors in cybersecurity continue to remain active in increased numbers. Over the past few years, the percentage of organizations affected by a cyberattack had plateaued, but in 2019, it jumped to 80%. Organizations are now anticipating more attacks than ever, even with increased spending on security. Retail businesses, 82% of which reported at least one successful cyberattack in 2019, are allocating 12.7% of their IT budget to security. We expect these numbers to evolve as attack patterns change due to the Coronavirus pandemic.
Another significant takeaway from the report is that account takeover (ATO) or credential stuffing attacks rank within the top 5 cyberthreats across all verticals. This shows a disconnect with many organizations feeling confident about the security posture of their websites and web applications despite the rise in ATO. ATO attacks are business logic attacks and do not fall into the traditional definition of security threats that abuse communication protocols to gain access to user data. While companies are prioritizing the acquisition of web security technologies like API gateways, decision makers should also evaluate the business risk of all automated threats including ATO, carding and web scraping and new client-side threats like Magecart and digital skimming.
In 2020, preparedness for ongoing increases in digital businesses is key. First and foremost, organizations must ensure that they have a knowledgeable staff of IT personnel. The inability to hire and retain cybersecurity talent remains a top concern for companies. To keep up with the increasing sophistication of cyberattacks across industries, the implementation of solutions based on machine learning and AI is necessary to proactively identify and mitigate new attack patterns and vectors. As more organizations and their IT departments gravitate in this direction, they will be better equipped to handle the dynamic nature of modern cyberthreats.
Read the complete Cyberthreat Defense Report 2020 here.