A huge increase in the number of cyber threats faced by businesses around the world is helping enterprises boost their understanding of their risk and driving efforts to improve their defences.
This is among the key finding of a new report published by Infosecurity Europe, which polled 1,336 security professionals around the world to discover the latest trends affecting the industry. It found concern about data breaches is on the rise, with PwC stating some 42.8 million incidents have been reported globally.
External threats were found to be the main cause for concern, with 32 per cent of respondents stating issues such as malware, hacking, APTs and DDoS attacks were their highest priority. Meanwhile, 44 per cent said the increasingly complex threat landscape is the biggest driver of security strategy and investment within their organisation.
However, two-thirds of respondents agreed that the increased attention being given to security threats by the media is having a positive effect on their thinking. The survey noted that high-profile vulnerabilities such as Heartbleed and Shellshock have raised awareness of the risks businesses face, while reports of breaches at large firms such as JP Morgan Chase and Target show how no firm is immune to security problems.
This has also highlighted how devastating cyber threats can be to a company, both financially and reputationally. For instance, Target's breach is reported to have cost it almost £110 million so far, while the Sony Pictures hack greatly damaged the reputation of both the company and individual executives after private emails were revealed.
As a result, 62 per cent of survey respondents said reputational damage was their main cause for concern should they fall victim to a breach, compared with just 14 per cent who were primarily worried about the financial implications.
Therefore, minimising the impact of breaches on customers is the top priority for businesses when they do come under attack, as more than one in three professionals (34 per cent) named this as a key task. Similarly, 31 per cent of respondents said ensuring business continuity is a main focus.
"Organisations need to find ways of enabling business continuity and protecting their customers," the report stated. "According to the survey results, the most essential element of a successful incident response strategy is the ability to continually evolve the incident response plan to incorporate lessons learned."
The report also highlighted the importance of a robust detection strategy, which it noted has never been more critical to minimise the business impact of breaches.
It found that overall, response rates are improving, with 62 per cent of organisations claiming to be able to spot an incident within seven days. However, Infosecurity Europe observed there is still work to do in this area, as six per cent of respondents admitted it took them six months to become aware of the issue, while two per cent of firms did not detect a breach for over a year.
Worryingly, 15 per cent of professionals who had experienced a security incident in the past year did not know how long it took them to notice, while a quarter of respondents admitted they were unaware if their networks had been breached in the last year.
Investing in the right security solutions is one way businesses can improve their performance in this area and get a better insight into data breaches. Innovations from Encode, supported by IBM QRadar, can give businesses the information they need to spot intrusions quickly, as well as the tools needed to react accordingly to protect data.