Exabeam, the Smarter SIEMtm company, today released new research that identified initial impacts of the COVID-19 pandemic on security teams. The report suggests increases in both cyber and financial risks since the onset of the health crisis in the first half of 2020. During this time, 80 percent of companies saw ?slightly to considerably more' cyberattack attempts, breaking down to 88 percent in the U.S. and 74 percent in the U.K.
In total, one-third of respondents experienced a successful cyberattack during COVID-19, leading to network downtime for 40 percent of U.K. companies and 38 percent of U.S. companies.
The research, commissioned by Exabeam and conducted in the U.K. and the U.S. by Censuswide, included more than 1,000 IT security professionals at small- to medium-sized enterprises, half in a chief information security officer (CISO) or security operations center (SOC) leadership role, and half in a security engineer/analyst or security architect position.
Of the total respondents, the majority reported that companies deferred all security hiring during March through June 2020, with significantly higher deferrals in the U.S. (70 percent) versus the U.K. (42 percent). On top of hiring freezes, 75 percent of overall companies experienced security team furloughs, and 68 percent laid off team members. By region, 36 percent of U.K. and 29 percent of U.S. companies reported that two security team members had been furloughed. Nearly 29 percent of U.S. teams lost one to redundancy, and 33 percent of U.K. teams lost two.
Despite the team reductions, just 22 percent of the total respondents listed staff shortages as the biggest challenge in mitigating threats while working remotely. This issue was eclipsed by communication with security teams in the U.K. (33 percent), and communication with other IT functions in the U.S. (40 percent). Strained interactions between IT and security teams is common but even more difficult to manage remotely. Combined with fewer hands during cyberattack investigation, this can impact overall mitigation efforts when remote. Network security issues were also prominent, with 29 percent of all respondents citing difficulty investigating attacks, and 27 percent naming lack of insight into individual networks as some of their major struggles.
In addition to these communication and technology challenges, successful cyberattacks on the small- to medium-sized enterprises surveyed resulted in the following financial impacts per incident:
These losses during the COVID-19 period land slightly above the most common average loss amount of $32,200 from the 2020 Verizon Data Breach Investigations Report.
"Companies are grappling with the security fallout from an unexpected shift to remote work, but it's business as usual for cybercriminals and foreign adversaries with unprecedented opportunity," said Steve Moore, chief security strategist, Exabeam. "The rise in attempted cyberattacks while companies experience staff reductions is a harsh reminder of the security and financial challenges created by the pandemic. Automation of repetitive tasks can allow security teams to improve efficiency and accuracy in the remote environment, especially focusing on the credential, as well as detection and mitigation."
Interestingly, since the beginning of COVID-19, about one-quarter of U.K. companies and one-third of U.S. companies chose to increase automation usage in their security tools due to remote work, but oddly, one-quarter of U.K. companies also decreased use of automation during the same time period. Automation can be used to solve technology-related problems such as lack of insight into networks, a noted problem in this survey.
On average, 60 percent of respondents in both regions deferred planned investments in security technology, with the U.S. (68 percent) result again higher than U.K. (51 percent) counterparts. While both experienced significant psychological shifts due to remote work, overall, U.S. companies reported greater impacts such as distractions in the home, learning curve with new applications and tools, and blurred lines between work and personal computers than U.K. companies. The specific area with the widest margin was individuals' false sense of safety and/or privacy.
"We suspect that these country-level differences stem from the U.K.'s consumer privacy legislation being much more mature than in the U.S., which virtually has no similar regulations in place," said Moore. "This could lead to U.K. responders feeling more secure in this remote world, as their country has done the work to have a program in place."
For more information, visit the Exabeam blog.
Exabeam is the Smarter SIEMtm company. We help security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with missed distributed attacks and unknown threats, manual investigations and remediation, or excessive storage fees. With the modular Exabeam Security Management Platform, analysts can use behavioral analytics to detect attacks, automate investigation and incident response, and reduce storage costs. Exabeam Smart Timelines, sequences of user and device behavior created using machine learning, further reduce the time and specialisation required to detect attacker tactics, techniques and procedures. For more information, visit https://www.exabeam.com.
Exabeam, the Exabeam logo, Threat Hunter, Smarter SIEM, Smart Timelines and Security Management Platform are service marks, trademarks or registered marks of Exabeam, Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2020 Exabeam, Inc. All rights reserved.
These press releases may also interest you