Cybersecurity threats loom over enterprises, with 65% impacted in a year

In the corporate world, cybersecurity threats continue to grow at an alarming pace. Over the past year, a staggering 65% of enterprises reported experiencing a cyberattack, mirroring a similar trend observed across businesses of various scales where 68% have fallen victim, as reported by Netwrix. The main forms of cyber threats remain consistent across businesses of all sizes, with phishing, ransomware, and user account breaches leading the pack.

Intriguingly, it has been noted that large corporations are more frequently targeted by ransomware or malware incidents. Nearly half (48%) of these larger entities reported such incidents happening on-site, in comparison to 37% reported across all organizations. Nevertheless, in the cloud environment, malware attacks seem to be less frequent; just over a fifth (21%) of the enterprise respondents claimed to have experienced such an attack in the past year.

As stated by Dmitry Sotnikov, VP of Product Management at Netwrix, this prevalence of malware attacks on larger organizations should not come as a shock. Ransomware operators have a vested interest in maximizing their profits. Hence, they weigh which organizations possess the financial muscle to pay a substantial ransom to mitigate business interruptions. Understandably, the larger the organization, the more disruptive and costly an operation halt will be.

Simultaneously, Sotnikov noted that larger organizations are better equipped to detect attacks, an advantage that may elude small to medium-sized businesses (SMBs). The expansive infrastructure of larger organizations inherently includes more endpoints, statistically amplifying the likelihood of a security incident. Furthermore, large-scale corporations report higher costs stemming from cyberattacks compared to smaller businesses. For instance, 28% of enterprises estimated their financial losses from cyber threats to be $50,000 or more, a significant leap from just 16% across all organizations.

Dirk Schrader, VP of Security Research at Netwrix, suggests that smaller companies often have a misguided perception of their vulnerability to cyberattacks. They presume that their risk is lower as cybercriminals are more likely to target larger enterprises, which house a wealth of intellectual property (IP) and sensitive data. However, Schrader warns that this assumption is unfounded. As revealed by their survey, the frequency of cyberattacks is not dependent on the size of an organization.

All organizations, regardless of their scale, hold data of considerable value, such as customer and employee information, making them all potential targets for attackers. Furthermore, Schrader warns SMBs that they are not only potential targets in their own right but also as conduits to larger corporations that utilize their services.