Netwrix has revealed additional findings for the enterprise sector (organisations with more than 1,000 employees) from its annual global 2024 Hybrid Security Trends Report.
According to the survey, 84% of organisations in the enterprise sector spotted a cyberattack within the last 12 months, compared to only 65% in 2023. The most common security incidents are phishing, user or admin account compromise, and ransomware or other malware attacks.
“The surge in the attack rates across organisations of all sizes, including the enterprise sector, may indicate that threat actors found AI automation extremely beneficial. With the introduction of AI, sending a massive number of phishing emails and probing systems and services for vulnerabilities is only a matter of orchestration on those platforms operated by cybercriminals. Constant pressure stresses the security teams and might lead to reduced and worn-out protection levels. To ease this burden, organisations should consider involving third-party investigators as a part of their incident response plan. It will help offload the internal security team when dealing with an ongoing attack,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.
For 53% of attacked large organisations, a security incident resulted in additional unexpected expenses to fix security gaps. Each fifth enterprise faced compliance fines (22%) and a reduced competitive edge (21%). Moreover, 30% of enterprises estimated their financial damage from cyber threats to be at least $50,000, compared to just 17% among organisations overall.
“Typically, large enterprises have already implemented the basic security controls and thus must address more complex and costly issues in the aftermath of an attack. Where a smaller organisation may have a quick fix available and can accept certain risks, enterprises must invest in the security team, process changes, and tooling to close even the smallest gaps exploited by the attacker,” says Ilia Sotnikov, Security Strategist at Netwrix.
