Widespread Cybersecurity Weaknesses May Affect Consumers: Report

A new report warns that cyber security weaknesses are common among both businesses and consumers, as both groups appear to be largely unprepared for the threat of security hacks. 

The Ponemon Institute and Resilient Systems recently published a report, “The Cyber Resilient Organization: Learning to Thrive Against Threats”, which surveyed more than 600 IT and IT security professionals about cyber threats. It found that some of the biggest cyber security weaknesses that affect companies and may also affect consumers include human error, not being prepared for a cyber attack, being unprepared to respond to an attack, not having efficient backup systems, and not having technology that offers advanced warning about threats.

In the report, Ponemon focused on what they call “cyber resiliency,” or the capacity to maintain integrity during cyberattacks. The report highlighted ways organizations and individuals may be vulnerable to attacks, as well as ways to protect their cyber security.

About 60% of IT professionals surveyed indicate that their organization did not having technology that offers advance warning of an attack, which can put both companies and consumers at risk.

Only 25% of professionals surveyed said their organizations cyber resilience was high. About 66% said their organizations weren’t prepared to recover from a cyberattack. With a large number of organizations unprepared, the report indicates many consumers may also be ill prepared.

More than half of the organizations surveyed said they experienced a data breach in the past two years, causing the loss of more than 1,000 records containing sensitive information. These incidents can be costly and time consuming for both organizations and consumers, with an average cost of $4 million.

Only about 30% of organizations surveyed said they were adequately prepared to recover from a cyber attack. Nearly 70% of organizations surveyed said they spent the same time or more this year, compared to last year, dealing with cyber security incidents.

Some of the biggest cyber security threats facing both organizations and consumers, include exploiting existing software vulnerabilities, which is done in 86% of attacks, malware is used in 69%, and spear phishing, the use of fake emails that appear to be from an individual or business the victim knows, is used in 56% of attacks.

IT professionals advise that reducing cyber attack risks starts with data awareness. It is important to know how exposed your are to an attack before you can know how you can lower your risk. It’s also important to establish an automated alert mechanism for suspicious activities.

The dangers of weak passwords have been proven from prior attacks, according to IT professionals. Changing your password frequently and using more sophisticated passwords is important.

Some of the key barriers to proper cyber security resilience was insufficient planning and insufficient risk assessments. The top three security technologies to improve cyber resilience include identity management, incidence response, and intrusion detection.

More than half of respondents to the questionnaire rated the value of cyber resiliency as essential to achieving strong security.