Ten percent of organizations had a security breach in the past year, according to a report from Action1, provider of a risk-based patch management platform.
Almost half of breaches (47%) resulted from known security vulnerabilities, according to the researchers. The most common attack was phishing, reported by 49%.
Over half of victims (54%) had data encrypted by ransomware.
Nevertheless, executive leadership teams at many organizations are not taking the threat of security breaches as seriously as they should, according to the report.
“IT teams rank the lack of support from the executive team for cybersecurity initiatives as the key threat to cyber resilience,” researchers said. “Many IT teams also face operational issues that leave no time for cybersecurity.”
Other key findings from the “2023 State of Vulnerability Report, which is based on feedback from 804 IT professionals:
- Time to combat low cybersecurity awareness among employees has increased over the past year.
- 30% of organizations take more than a month to detect known vulnerabilities.
- 38% of organizations fail to prioritize security flaws, while 40% take more than a month to remediate known vulnerabilities (of them, 24% take more than 3 months).
- On average, 20% of endpoints remain continuously unpatched due to laptop shutdowns or update errors.
“The gaps in the detection and prioritization stages of vulnerability management suggest the actual proportion of unpatched endpoints could be much higher. Organizations must ensure effective communication on all levels to eliminate these gaps, implement automation, and build cyber resilience,” Action1 Co-founder and CEO Alex Vovk said in a press release. “Otherwise, we risk another year of costly breaches.”
This was the second interesting cybersecurity survey released this week.
Trend Micro found that 71% of organizations are being asked about cybersecurity in negotiations with prospects and suppliers, and 78% said such requests are becoming more frequent.
A full 81% said a lack of cybersecurity credential could impact their ability to win new business and 19% said it already has.