Bloomfield, Conn. (PRWEB) May 18, 2016
Organizations remain unprepared and without a formal plan to respond to cyber security incidents, according to the annual Global Threat Intelligence Report (GTIR) announced by NTT Com Security, an NTT Group company. The 2016 report reveals that there has been little improvement in preparedness, with the latest figures indicating a slight increase in organizations that are not properly prepared, despite the rise in security attacks and data breaches.
Pulling information from 24 security operations centers, seven R&D centers, 3.5 trillion logs and 6.2 billion attacks in 2015, the GTIR shows that over the last three years, on average 77% of organizations fall into the ‘unprepared’ category, leaving just 23% with the capability to respond effectively to critical security incidents.
“Prevention and planning for cyber security incidents seems to be stagnating, according to the figures in both the GTIR and our recent Risk:Value report,” says Garry Sidaway, VP Security Strategy & Alliances, NTT Com Security. “This is a real concern and could be down to a number of reasons; not least the possibility of security fatigue – too many high profile security breaches, information overload and conflicting advice – combined with the sheer pace of technology change, lack of investment and increased regulation.
“Facing security challenges that didn’t exist last year, let alone a decade ago, and struggling with a shortfall in information security professionals, many organizations no longer have the necessary skills or resources to cope. Our mantra is prevention is better than cure and get the security basics right, including having a clear, well-communicated incident response plan.”
Although financial services was the leading sector for incident response in previous annual GTIR reports, the retail sector now takes the lead, with 22% of all response engagements, up from 12% the previous year. Retail – a popular target due to processing large volumes of personal information such as credit card details – experienced the highest number of attacks per client.
Other incident response statistics from the 2016 GTIR:
- The report shows an increase in breach investigations, with 28% in 2015 compared to 16% the previous year, with many incidents focused on theft of data and intellectual property.
- Internal threats jumped to 19% of overall investigations – from 2% in 2014. Many of these were the result of employees and contractors abusing information and computing assets.
- Spear phishing attacks accounted for approximately 17% of incident response activities in 2015, up from 2% previously. Many of these attacks related to financial fraud targeting executives and finance personnel, with attackers using clever social engineering tactics, such as getting organizations to pay fake invoices.
- Despite a rise in DDoS hacking groups like DD4BC and Armada Collective, the GTIR noted a drop in DDoS related activity compared to the previous two years. This is likely to be due to an investment in DDoS mitigation tools and services.
Incident response recommendations can be found in the GTIR 2016 report here.
To download the 2016 GTIR report: https://www.nttcomsecurity.com/us/landingpages/gtir-2016/
About NTT Com Security
NTT Com Security (formerly Integralis) is a global information security and risk management organization, which delivers a portfolio of managed security, business infrastructure, consulting and technology integration services through its WideAngle brand. NTT Com Security helps organizations lower their IT costs and increase the depth of IT security protection, risk management, compliance and service availability. NTT Com Security AG, is headquartered in Ismaning, Germany and part of the NTT Communications Group, owned by NTT (Nippon Telegraph and Telephone Corporation), one of the largest telecommunications companies in the world. For more information, visit http://www.nttcomsecurity.com.
Sara Chaput/LRG Marketing
845 358 1801