In this portion of our 2019 update on the state of the IT industry, we review many of the pertinent and pressing statistics of the need for cybersecurity. It’s easy to paint an overwhelmingly complex and urgent picture of cybersecurity. However, we aim to balance the flood of data with digestible overview of the situation.
Industry Trends: Cybersecurity
Bottomline: Our cybersecurity risks and cost associated with them will never be lower than they are today.
OXEN’s 2017 summary of cybersecurity for small businesses concluded that SMB IT security is viewed as a necessary but unwelcome cost, rather than as an enabler of business solutions.
And now, in 2019, businesses are only beginning to realize the necessity of security awareness training programs. These training programs are important to educate employees on how to spot and avoid phishing emails and other risks.
Threat actors are more sophisticated and organized than ever; this includes nation states and well-funded organizations. These attackers will continue to adopt new techniques to stay one step ahead of defenders. Targets will expand as cybercriminals aim at new geographies around the world.
Security isn’t perfect, and threat actors don’t stand still. It’s worth their time and effort to continuously seek new, innovative ways to gain wealth and achieve notoriety.
Cybersecurity Statistics tell an overwhelming story
- 43% of cyberattacks are aimed at SMB companies (another study said 61%).
- The likelihood of a recurring material breach in the next two years for a single SMB is 27.9%.
- Spam makes up 53.5% of all email traffic.
- 91% of cyberattacks begin with a spear phishing email.
- 92% of malware is delivered by email.
- 22% of employees have clicked at least one phishing link in the last year.
- Over 60% of ransomware and malware is delivered through “secure” traffic (https vs http).
- Every 14 seconds someone will fall victim to ransomware in 2019.
- Average ransom settlement in 2019 has been >$12,000.
- Ransomware attacks increased 300% in 2018.
- It took companies an average of 191 days to identify data breaches.
- Only 25% of companies have a dedicated security department.
- As many as 60% of hacked SMBs go out of business after six months. (And downtime is 10 times more expensive than average ransom demand of $4,300).
- 90% of data losses are caused by human error.
- Cyberattacks are getting more sophisticated and complex.
- IOT devices expose new attack vectors inside SMB networks.
- The high cost of in-house cybersecurity expertise is driving proactive SMBs to seek out managed security service providers.
- Cybersecurity regulations by state and federal governments are expected to increase.
- Ransomware attacks moved beyond brute force spam and phishing attacks. They now take advantage of system vulnerabilities to conduct reconnaissance and find the most valuable target.
- There has been a massive move to crypto-mining and crypto-jacking to line the pockets of criminals at the expense of end users and organizations. This model takes over the processing power of infected machines to use for the benefit of the hacking organization.
- DDoS (Distributed Denial of Service) attacks are increasing quickly as unprotected home and IOT devices increase.
- Phishing attacks are accelerating and becoming more sophisticated:
- 100% of phishing attacks were “zero-day attacks”.
- 84% of phishing attacks have life cycle of less than 24 hours.
- Phishing sites are online for average of less than 15 hours.
- 100% of phishing attacks point to malicious pages on benign websites. (Benign websites are taken over and compromised temporarily while the website owner remains unaware.)
- Mobile devices and tablets are increasingly targeted by attackers.
- 50% of new and updated apps are categorized as “suspicious” or “malicious”.
- The most targeted apps are arcade games, entertainment, productivity, personalization (e.g. ringtones), and tools.
- Android is a primary target, but Apple is beginning to be attacked.
Cybersecurity from the IT Provider Perspective
What does cybersecurity look like from the IT service provider perspective? A study of shows:
Ransomware remains a massive threat to small-to-mid-sized businesses (SMBs).
- From Q2 2016 to Q2 2018, 79% of Managed IT Service Providers report ransomware attacks against customers.
- In the first 6 months of 2018, 55% reported ransomware attacks against clients.
- 92% of Managed IT Service Providers predict the number of ransomware attacks will continue at current, or worse, rates.
- The average managed service provider reports 5 of these attacks within their client base per year.
- In the first half of 2018, an alarming 35% of Managed IT Service Providers report clients suffered multiple attacks in a single day (up from 26%, year-over-year). Fortunately, we have never seen this case with an OXEN client.
- Ransomware infections in the cloud continue to increase. IT providers that report that of cloud-based malware infections, nearly 50% called out Office 365 as the target.
The problem is bigger than we know, as a startling number of attacks go unreported.
- IT providers report that fewer than 1 in 4 ransomware attacks are reported to the authorities.
- SMBs are largely in the dark about the frequency and severity of ransomware attacks. Nearly 90% of Managed IT Service Providers are “highly concerned” about the ransomware threat. 36% report their SMB clients feel the same.
- Managed IT Service Providers rank phishing emails as the top ransomware delivery method followed by malicious websites, web ads, and clickbait.
The aftermath of a ransomware attack can be crippling for a business.
- 67% of Managed IT Service Providers report victimized clients experienced a loss of business productivity
- More than half report clients experienced business-threatening downtime
- The cost of business downtime is 10x greater than the cost of the ransom requested. Managed IT Service Providers report the average requested ransom for SMBs was ~$4,300 in 2017 –18. The average cost of downtime related to a ransomware attack is ~$46,800.
Are there solutions or ways to mitigate the risk of ransomware?
- Having an Apple operating system isn’t a silver bullet. Managed IT Service Providers reporting OS/iOS attacks increased by nearly 500% year-over-year
- The most effective solution for avoiding downtime caused by ransomware is business continuity and disaster recovery (BCDR). 90% report that victimized clients with BCDR in place fully recovered from the attack in 24 hours, or less.
- Lack of cybersecurity education is a leading cause of a successful ransomware attack.
The best and only way to withstand evolving threats is to employ a layered approach. This means proven security technology that covers all threat vectors and is constantly kept up to date, coupled with sophisticated, ongoing end user awareness training. Cybersecurity policy helps shape and enforce procedures to improve cybersecurity.
Training is effective in reducing cyber threats. testing by top security firms showed that cybersecurity risk is reduced proportionally to the amount of training.
- The more security awareness training is conducted, the better employees are at spotting and avoiding risks.
- Companies that ran between 1-5 campaigns saw a 33% phishing click-through rate.
- 6-10 campaigns dropped the rate to 28%.
- 11 or more campaigns reduced the rate to 13%.
- Phishing simulations and campaigns are most effective when the content is current and relevant.
The Cybersecurity Market
Where does this leave the cybersecurity market?
Given the rise in the volume and sophistication of the attacks coupled with the increasingly strategic nature of digital business projects, Cybersecurity Ventures, a venture capital firm, is projecting that businesses will spend one-trillion-dollars per year on cybersecurity by 2020.
Two-thirds of Managed IT Service providers are being asked by customers to protect instances of Microsoft Office.
Mobile computing creates challenges of not just securing the devices and the applications that run on them, but also making sure the wireless networks used to access corporate resources are not distributing malware. And continued investment in Internet of Things (IoT) projects creates increased threat of security breaches.
As for staffing, there’s a massive shortage when it comes to IT security expertise.
- Intel estimates that by 2020 there will be anywhere from one to two million unfulfilled IT security jobs worldwide. A Forbes report predicts similar labor shortages.
- Managed Service Providers have an advantage over internal staffs in that they can resolve security issues faster because the odds are good that they’ve seen the problem before.
The next two parts of our 2019 State of the IT Landscape overview will jump to other current IT industry trends – the cloud and emerging technologies. These are some of the fastest moving areas of the IT industry. We hope you’ll join us!