Cyberinc today announced the availability of its inaugural Cyber Insights 2021 Report, showcasing results from a recent end user survey about cyber threats and corporate security initiatives to help organizations make more informed security decisions.
The report reveals that in the people-process-technology triad, human error is the top reason for breaches, accounting for 70% of successful attacks. The next biggest cause is vulnerability management through patches and upgrades, accounting for just 14% of successful attacks.
The Cyber Insights Report also shows that more than 60% of respondents said that securing remote users is their top security priority in 2021, and roughly three-fourths of individuals indicated that their organization is unable to keep up with the increasing volume of cyber alerts. At the same time, only one in six respondents expressed confidence in their organization’s current security investments.
These findings are in line with other research which discloses that even with more investment in enterprise security programs, the cost to business from successful breaches and attacks continues to worsen. A recent report by Canalys shows that despite a 10% increase in security spending, the number of breaches in 2020 set a record, hitting a level greater than the previous 15 years combined1. Additionally, IBM’s Cost of a Data Breach Report 20202 states that the average total cost of a data breach was $3.86M in 2020.
Verizon’s 2020 Data Breach Investigations Report says that nearly three and a half percent of users will still click on a malicious link in a phishing email, no matter what3, showing that investments in increasing employees’ cyber awareness and education can help but not stop organizations from potentially losing millions of dollars to hackers. These statistics, combined with the findings discussed in the Cyberinc Cyber Insights Report, underscore the importance of putting in place new processes and technologies to protect organizations from a problem that will likely persist, given that cybersecurity is not the average employee’s job.
“It’s simply not realistic to expect that employees can make the right judgment call on the credibility of a potentially malicious email,” said Nirav Shah, COO of Cyberinc. “We see examples all the time where individuals unknowingly click on something that looks legitimate and cause their organization to be a victim of a costly malware attack. But it’s not their fault. Mistakes are human nature. Securing the click without burdening the user is the job of the security stack. The user should only be concerned about operating the business.”
“Protecting the click by remotely isolating it and ensuring the end user is safe from risky content is a significant step toward protecting users and organizations at large,” he continued. “Rooted in Zero Trust, remote browser isolation is critical technology that blocks nearly 90% of successful attacks before they are weaponized and can cause damage, and can save companies millions of dollars in ransomware, credential theft, and other damaging attacks.”
SANS analyst Matthew Bromiley recently published a report touting the benefits of browser isolation, titled “All Roads Lead to the Browser: A SANS Buyer’s Guide to Browser Isolation.” The report underscores the critical need for remote browser isolation in the enterprise as a way to proactively stop ransomware, phishing, and other Internet-based threats. With evolving remote work models and organizations’ increasing reliance on the cloud, Bromiley asserts that the browser has become the new endpoint – and securing it through an isolation platform is key to stopping prominent attacks before they can strike.
To read Cyberinc’s full Cyber Insights 2021 Report, visit https://marketing.cyberinc.com/LP-Survey-Report-2021.html.
Cyberinc prevents web, email, and document-based threats before the breach. The company uses a Zero Trust model, powered by isolation-based security, to shrink the exposed threat surface and eliminate the risk of breach from an inadvertent click or document download. The company simplifies security by preventing threats before they cause damage. Cyberinc is trusted by business and government institutions around the world. More information can be found at cyberinc.com.