Le Lézard
Classified in: Science and technology, Covid-19 virus
Subject: Survey

New Research Reveals COVID-19 Has Increased Cyber and Financial Risks as Security Teams Reduce Staff

Exabeam, the Smarter SIEMtm company, today released new research that identified initial impacts of the COVID-19 pandemic on security teams. The report suggests increases in both cyber and financial risks since the onset of the health crisis in the first half of 2020. During this time, 80 percent of companies saw ?slightly to considerably more' cyberattack attempts, breaking down to 88 percent in the U.S. and 74 percent in the U.K.

In total, one-third of respondents experienced a successful cyberattack during COVID-19, leading to network downtime for 40 percent of U.K. companies and 38 percent of U.S. companies.

The research, commissioned by Exabeam and conducted in the U.K. and the U.S. by Censuswide, included more than 1,000 IT security professionals at small- to medium-sized enterprises, half in a chief information security officer (CISO) or security operations center (SOC) leadership role, and half in a security engineer/analyst or security architect position.

Of the total respondents, the majority reported that companies deferred all security hiring during March through June 2020, with significantly higher deferrals in the U.S. (70 percent) versus the U.K. (42 percent). On top of hiring freezes, 75 percent of overall companies experienced security team furloughs, and 68 percent laid off team members. By region, 36 percent of U.K. and 29 percent of U.S. companies reported that two security team members had been furloughed. Nearly 29 percent of U.S. teams lost one to redundancy, and 33 percent of U.K. teams lost two.

Despite the team reductions, just 22 percent of the total respondents listed staff shortages as the biggest challenge in mitigating threats while working remotely. This issue was eclipsed by communication with security teams in the U.K. (33 percent), and communication with other IT functions in the U.S. (40 percent). Strained interactions between IT and security teams is common but even more difficult to manage remotely. Combined with fewer hands during cyberattack investigation, this can impact overall mitigation efforts when remote. Network security issues were also prominent, with 29 percent of all respondents citing difficulty investigating attacks, and 27 percent naming lack of insight into individual networks as some of their major struggles.

In addition to these communication and technology challenges, successful cyberattacks on the small- to medium-sized enterprises surveyed resulted in the following financial impacts per incident:

These losses during the COVID-19 period land slightly above the most common average loss amount of $32,200 from the 2020 Verizon Data Breach Investigations Report.

"Companies are grappling with the security fallout from an unexpected shift to remote work, but it's business as usual for cybercriminals and foreign adversaries with unprecedented opportunity," said Steve Moore, chief security strategist, Exabeam. "The rise in attempted cyberattacks while companies experience staff reductions is a harsh reminder of the security and financial challenges created by the pandemic. Automation of repetitive tasks can allow security teams to improve efficiency and accuracy in the remote environment, especially focusing on the credential, as well as detection and mitigation."

Interestingly, since the beginning of COVID-19, about one-quarter of U.K. companies and one-third of U.S. companies chose to increase automation usage in their security tools due to remote work, but oddly, one-quarter of U.K. companies also decreased use of automation during the same time period. Automation can be used to solve technology-related problems such as lack of insight into networks, a noted problem in this survey.

On average, 60 percent of respondents in both regions deferred planned investments in security technology, with the U.S. (68 percent) result again higher than U.K. (51 percent) counterparts. While both experienced significant psychological shifts due to remote work, overall, U.S. companies reported greater impacts such as distractions in the home, learning curve with new applications and tools, and blurred lines between work and personal computers than U.K. companies. The specific area with the widest margin was individuals' false sense of safety and/or privacy.

"We suspect that these country-level differences stem from the U.K.'s consumer privacy legislation being much more mature than in the U.S., which virtually has no similar regulations in place," said Moore. "This could lead to U.K. responders feeling more secure in this remote world, as their country has done the work to have a program in place."

For more information, visit the Exabeam blog.

About Exabeam

Exabeam is the Smarter SIEMtm company. We help security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with missed distributed attacks and unknown threats, manual investigations and remediation, or excessive storage fees. With the modular Exabeam Security Management Platform, analysts can use behavioral analytics to detect attacks, automate investigation and incident response, and reduce storage costs. Exabeam Smart Timelines, sequences of user and device behavior created using machine learning, further reduce the time and specialisation required to detect attacker tactics, techniques and procedures. For more information, visit https://www.exabeam.com.

Exabeam, the Exabeam logo, Threat Hunter, Smarter SIEM, Smart Timelines and Security Management Platform are service marks, trademarks or registered marks of Exabeam, Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2020 Exabeam, Inc. All rights reserved.

These press releases may also interest you

at 18:08
In an important move to bolster its global player representation business, Evolved, an award-winning esports agency home to many of the most successful esports players and content creators in the world, announced today that the company has acquired...

at 18:05
The global E-passport market size is expected to grow by USD 27.56 billion during 2020-2024. The report also provides the market impact and new opportunities created due to the COVID-19 pandemic. We expect the impact to be significant in the first...

at 18:00
GreenSky, Inc. ("GreenSky" or the "Company") , a leading financial technology company Powering Commerce at the Point of Sale®, reported financial results today for the second quarter ended June 30, 2020. "As we all continue to navigate COVID-19, we...

at 18:00
OnBoard, the award-winning virtual board management solution that securely connects organizations and their directors, accelerated its international expansion today by opening a new office in Sydney, Australia. The opening of the new location...

at 18:00
MMTEC, Inc. , a China based technology company that provides access to the U.S. financial markets (the "Company") announced today that it signed a three-month Consulting Services Agreement engaging Hitek Global Inc. to provide M&A, investment,...

at 17:44
Pinnacle Renewable Energy ("Pinnacle" or the "Company") today reported record revenues of $132.2 million in Q2 2020, $28.1 million or 27% higher than Q2 2019 revenues of $104.2 million and $21.5 million or 19% above the previous record of $110.7...

News published on 16 july 2020 at 09:05 and distributed by: