Mismanaged technology largest contributor to breaches globally in 2019

Summary

According to IBM, cybercrime continues to grow at a significant pace year-over-year (4x increase in 2019 vs. 2018) despite increasing resources and attention placed on security by companies and governments.

Key findings from the IBM annual threat intelligence report out this week include:

  • Of the more than 8.5 billion breached records reported in 2019, more than 85% were due to misconfigured cloud servers and other improperly configured systems.
  • Operational technology (OT) targeting increased 2000% year-over-year, with more attacks on industrial control systems (ICS) and OT infrastructure than any of the prior three years.

Financial Services is still the most targeted industry, but Retail is now the second-most targeted (up from fourth last year).

Report

Analysis

The fact that the year-over-year increase in cybercrime continued in 2019 despite increasing resources and attention placed on security points to a fundamental problem with the current approach to cybersecurity. Though the mainstream cybersecurity market may encourage companies to throw more money at the problem, results suggest that this is not the answer.

Of the notable findings from the IBM report, misconfigurations as a key contributor to breaches is evidence of the decisive importance of the management of technology rather than the technology itself. Cyberhedge research supports the fact that the management of technology is a decisive factor between good and poor cyber governance. Not surprisingly, the newly released Verodin Security Effectiveness Report found that 80% of tools are misconfigured—left underutilized at default settings.

Instead of faulting the existing technology and purchasing new products, companies can enact a more proactive approach that focuses on improving the management of existing technology. This puts more of an onus on people, policy, and process.

Regarding the ranking of top industry targets, the rise of Retail is reflective of the way in which digital transformation has taken hold of a sector increasingly battling for market share in e-commerce. The explosion of customer data and an increasing reliance on digital assets like frictionless websites and direct-to-consumer capabilities make the sector more attractive to cybercriminals. Companies like Macy’s, struggling to manage these risks, embody the challenge facing Retail overall.

Close

Instantly download research in our library and be the first to get access to new content

Denis Bolshakov

Log out

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website