Failure of technology to detect attacks is a prime cause of breaches: Survey

Share post:

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests.

Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their technology didn’t detect the breach.

Other top causes (multiple responses were allowed) included a breach due to an attack on the organization’s supply chain (40 per cent); a missed vulnerability (40 per cent); an analyst missing an alert (38 per cent); and password misuse (36 per cent).

More significantly, the number of infosec leaders reporting the root cause of a successful cyber incident was lack of detection is increasing. Respondents said more than three years ago, technology not detecting an attack was the root cause of nine per cent of attacks. But in the past year it was the root cause of 22 per cent of attacks.

“It’s increasingly more likely technology cannot keep up with the attacker’s ability to penetrate their defenses,” the report concludes.

The study, called “The Mind of the CISO: Behind the Breach” interviewed 512 security leaders in medium to large organizations from 13 countries who have managed at least one major cybersecurity incident in the past five years.

Despite the seeming failure of technology to detect many breaches, respondents equally felt that people, processes, and technology needed an overhaul in the IT departments after a successful breach.

Many of those surveyed said in the aftermath of an attack, almost every process and technology was changed (multiple responses were allowed): Forty-six per cent of respondents said they got increased budgets, 44 per cent said they created regular reviews of capabilities, IT infrastructure and staffing, an equal number said they contracted with additional cybersecurity services such as incident response, 42 per cent said they rethought their overall cybersecurity strategy, and 41 per cent said they implemented new frameworks or standards.

Interestingly, few infosec leaders questioned found a successful breach of security controls was devastating to themselves. Ninety-one per cent of respondents slightly or strongly agreed they had an increase in motivation levels during the incident.

“Organizations need to prioritize building cyber resilience to prevent future attacks,” the report concludes. “This requires significant investment in the right people, processes, and technology solutions. As made evident in this research, CISOs are in need of additional resources and support, starting at the board level, to make the required investments, training, and overhaul needed to keep pace with the evolving threat landscape.

“New global regulations and legal ramifications in the wake of cyber incidents should help to prioritize the needs of CISOs moving forward, equipping them with the resources to effectively and efficiently manage cyber threats.”

The post Failure of technology to detect attacks is a prime cause of breaches: Survey first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways