In recent years, we have seen an increasing number of cyber attacks on businesses, with sometimes disastrous consequences. In our Security Operations Centre, we protect our customers against these cyber attacks by investigating security alerts and blocking cyber-attacks. Our cyber experts have analysed over eleven thousand alerts from the past year. In this blog, we share the results of this analysis and discuss the trends we have seen over the past year.
Chance of being hacked is 1 in 5
The chance of being hacked as a business has been increasing for years now. According to our data analysis, 1 in 5 businesses would be the victim of a cyber incident with impact, even if an antivirus solution and firewall are present. The main attacks are ransomware and 'business email compromise' (phishing), with approximately equal numbers of incidents between the two.
On average, a customer is hacked 0.3 times. Due to some companies being affected more than once, the chances of your business being affected by a cyber incident come out to a shocking 1 in 5.
5 out of 100 businesses have already been hacked
Traditionally, cybersecurity has been represented as a castle, with a high wall being built primarily to keep out intruders. If this wall is breached, intruders can often roam freely on the inside. To prevent impact in case of a break-in, it is crucial to have guards on the inside in addition to the wall, so that you can quickly intervene when you see someone who does not belong there. That is what we achieve with Managed Detection and Response (MDR) among other things. Our software and experts monitor your systems and signal any unusual or unsafe behaviour, so that cyber attacks can be quickly detected, and the impact can be avoided.
According to our research, 5 out of 100 businesses have already been hacked before becoming a customer of Eye Security. In most cases, these are back doors in the castle wall that are left ajar to be used as an entrance later. If a company installs Eye Security's software, the system will immediately sound the alarm in the event of misuse of the back door. We also actively search for back doors to remove them before they can be used.
Experts reduce impact by 80%
The effectiveness of cyber security measures is largely dependent on the expertise of the individuals managing them, rather than the technology itself. According to our research, only 20% of impact reduction comes from the implemented software, while 80% can be attributed to the experts who evaluate the alerts. In other words, implementing Endpoint Detection & Response without a good team to evaluate the alerts has limited impact on the security of businesses.
Unfortunately, cybersecurity experts are extremely scarce and it is almost impossible - and unaffordable - for an average company to hire such a specialist. This means that this expertise must be outsourced. This is the added value that Managed Detection and Response offers over just an EDR solution. In addition, an MDR service often includes more services than just Managed EDR, such as monitoring Microsoft 365 or Google Workspace environments against phishing attacks, and monitoring the online attack surface for misconfigurations and other major risks.
Insurance is better
While the number of cyber incidents is generally on the increase, it is decreasing among companies with cyber insurance. This is not surprising: insurers are increasingly setting stricter security requirements for companies before they insure them. These extra requirements help make organisations more resilient. However, it also means that fewer and fewer companies are eligible for cyber insurance. The MDR solution from Eye Security guarantees that you can get cyber insurance.
ROI of cyber security
Our customers would have been hacked an average of 0.3 times last year. We have calculated the average damage this would have caused, distinguishing between business email compromise and ransomware attacks. By comparing this with the costs of Eye Security's services, we can calculate the return on investment of Eye Security's security package. This is over 300% and shows that cyber security measures pay off.
Find out more
Are you looking for more information on the cyber security landscape and the resilience of businesses? Our infographic provides additional statistics and insights. Click here to download it now.
Sustainability. Growth. Digitalisation. These are the words everyone’s using about the logistics landscape of 2023. But what do they mean for individual businesses – and for security?
Multi-Factor Authentication (MFA) is not sufficient. Various attacks, such as EvilProxy, can bypass MFA. Here, we discuss how you can defend yourself.
Software and operating systems are constantly evolving. Those that are no longer maintained - such as Window Server - may be hiding unmitigated security vulnerabilities within your business. Proactively assessing your infrastructure strengthens your security posture and your resilience against cyber threats.
Vishing attacks (voice phishing attacks) are getting more sophisticated. In this article, we cover the details of a real vishing attack that we prevented. Includes digital forensics, incident response, mitigation and prevention measures and IoC lists.