Insightful &
Helpful Articles

Here is what we're working on and
thinking at Hedgehog security.

Security breaches are on the rise, and it's not surprising to find that as the information security incidents continue to rise, so do financial losses. In 2014 Research participants found that the volume of identified occurrences increased to an incredible total of 42.8 million, 48% higher than the incidents reported in 2013. This increase in security breaches has come at a great loss, with the total financial losses associated with security compromises increasing by 34% over those in 2013.

Today, most companies realize that cybersecurity is an all-encompassing persistent, business risk. Even so, due to the always rising costs and frequency of the security incidents, the survey found that many organizations haven't updated their security processes and technologies, secured critical information or trained employees. It's these oversights that lead to weakened security issues, due to substandard security strategies that also have led to a growth in the financial cost of mitigating and investigating incidents once they occur.

The 2015 Global State of Information Security Survey is performed to provide a comprehensive summary of the consistently evolving security information industry. The results of the 2015 survey provide persuasive statistics concerning cybersecurity and the fiscal impact of the heightened number of security incidents and additional specifics of relating to the information security industry. Following are the survey's key findings and trends.

Compromises by insiders

Former and current employees, along with third parties that organizations trust their network access to, continue to rise. The problem is that a lot of these organizations haven't implemented procedures and technologies to deal with internal incidents. Doesn't it matter how secure an organization?s data and the network is, it'll be accessible to compromise if third parties don't implement comparative privacy and security safeguards as well.

Businesses with 1,000 or more employees see insiders as the biggest risk, however insider threats aren't sufficiently attended to and the first signs of information security problems are often ignored. The 2015 survey participants found employees to be the biggest threats, more than any other, making them the most reported contributors to security incidents. That being said, employees aren't the only cause of insider threats. An increasing number of respondents attributed cyber incidents to third parties with access to networks and data, including service providers, contractors and consultants (current and formerly employed).

Cyber Risks Can't be 100% Eliminated

It's crucial that today's organizations continue to be vigilant and flexible when confronted with an always evolving cyber threat landscape. It's important that all organizations if they don't have strategies in place yet, implement a risk-free centred approach to security that prioritizes their most important assets and actively addresses their most relevant threats.

An Increase in Financial Losses

The considerable rise in security incidents has caused an increase in financial losses, especially for big organizations with revenues of over $1 billion, who experienced their losses going from $3.9 million during 2013 hitting an increase of 53% in 2014 ($5.9 million). These numbers aren't definitive because there are still a lot of organizations that are unaware attacks and others don't report identified incidents for strategic reasons, or in some cases because the attack has been investigated because it's considered a matter of national security.

Global security incidents continue to outpace even the fastest growing technologies and economies, with a staggering growth of 48% between 2013 to 2014. Since 2014, security incidents have increased at a 66% compound growth rate. Today cybersecurity continues to be a persistent business risk as companies fail to keep up with the tactical skill sets and technical expertise of their destructive adversaries. The rise in insider incidents carries serious consequences due to the fact that crimes attributable to internal participants are frequently more damaging or costly than compromises caused by external groups. When businesses neglect the risks located within their ecosystems, the consequences can be devastating. Nevertheless, many businesses don't have an insider threat system in place and are not prepared to detect, prevent and/or react to internal threats.

The results of the Global State of Information Security Survey 2015 were based on over 10,000 worldwide respondents.