- Organizations are spending more on cybersecurity, but that does not mean they have confidence
- 67% of companies experienced a data security violation in the last 24 months
- Almost a third suffered a data violation as a result
Most companies (67%) have experienced data violation in the last 24 months, despite an increase in spending, show a new Pentera research, with 24% experiencing a violation in the last 12 months and 43% in the last 12 months.
During these infractions, the most common interruption suffered was the unplanned inactivity time, with 36% of the violated organizations affected. Many companies also suffered a data violation (30%) and financial losses (28%), which shows how harmful security violations can be.
Of those who revealed the impacts of the violation, an impressive 76% reported an impact on confidentiality, integrity and/or availability of their data, without only 24% not to report a significant impact.
Low trust
The confidence in cyber support for the private sector is low, with only 14% confident in the cybersecurity support of its government, with 64% of the CISOs that report that the government is giving help to protect the private sector, but it is not enough.
American companies spent an average of $ 187,000 annually on penetration tests, or ‘panties’, simulating cyber attacks against their own systems to test vulnerabilities; This is equivalent to just over 10% of IT total security budgets, but more than 50% of the Ciso say they will increase this in 2025.
Changes in company infrastructure, such as additional users, new configurations and permissions updates, are occurring at a much faster rate than security validation, with 96% of US companies that report that they make these changes “at least quarterly, but only 30% are repressing the same frequency,” the report suggests.
“The rhythm of change in business environments has caused traditional test methods to be unsustainable,” said Jason Mar-Tang, Field Ciso in Pentera.
“96% of organizations are making changes in their environment at least quarterly. Without the validation driven by automation and technology, it is almost impossible to keep the pace. The reports of the report reinforce the need for scalable security validation strategies that meet the speed and complexity of current environments.”
