5 shocking cyber security statistics

Reports and statistics are a staple of the cyber security industry. They’re usually intended to bring to our attention issues that organisations are failing to address and remind us that the problems one organisation faces are probably shared by thousands of others.

We’ve highlighted five of the most important findings from recent cyber security reports. Does your organisation also face these problems, or have you successfully addressed them?

  1. 43% of organisations say malicious insiders are their biggest concern

When it comes to staying secure, the danger of cyber attacks grabs most people’s attention, but organisations shouldn’t ignore the threat that their employees pose. In a 2017 study by SANS Institute, 43% of respondents said that malicious insiders were their biggest concern.

Even though 62% of respondents said they never experienced an insider attack, the study concluded that this was probably because few organisations are able to spot an insider incident when it occurs. The findings appear to support this, with 38% of respondents saying that the systems and methods they use to monitor insider activity are ineffective.

  1. Spear phishing attacks rose by 50% in Q4 2017

Why try to hack a secure system when you can just trick someone into handing over sensitive information? This is something that more cyber criminals are asking themselves, according to Mimecast’s Q4 Email Security Risk Assessment.

Spear phishing emails, which manipulate people into believing they are corresponding with a legitimate source, are dominating traditional phishing emails, rising by 50% over the final quarter of 2017.

  1. 86% of government entities aren’t prepared for cyber attacks

According to a report from Netwrix, 86% of government entities said they didn’t consider themselves well prepared to tackle cyber attacks.

Government entities are attractive targets for cyber criminals because of the extensive volume of sensitive data that they store on both citizens and local or national security.

  1. 31% of organisations rely on outdated cyber security tools

Cyber security spending continues to rise steadily but many organisations are failing to upgrade essential tools to identify and respond to threats, according to consultancy company Ovum.

Ovum’s study found that 31% of respondents relied solely on outdated cyber security tools, such as basic search and monitoring. This leaves organisations increasingly susceptible to cyber attacks as criminals discover new vulnerabilities and attack methods that older cyber security tools can’t identify.

  1. Employees at 92% of organisations are snooping on their network

Almost all organisations must deal with employees attempting to access information that is not necessary for their day-to-day work, according to a global survey by One Identity. Almost a quarter (23%) of respondents admitted this behaviour occurs frequently in their organisation.

Perhaps even more alarmingly, 64% of respondents said they have accessed sensitive information about their company’s performance, with executives and those in smaller organisations being more likely to do so.

Subscribe to the Daily Sentinel for all the latest cyber security news and advice.