Risk management failures in firms escalate cyber threats

Over half (54%) of global organisations believe their risk assessments aren’t mature enough, potentially exposing them to escalating cyber-threats, according to Trend Micro.  

The security vendor polled over 6,290 IT and business decision makers from over 29 countries to compile its latest research.  

About one-third (32%) of respondents said that assessing risk is the main area of attack surface management they struggle with. As a result, they feel most exposed to ransomware (83%), phishing (85%) and IoT attacks (81%).  

Some (28%) said that they are struggling with manual approaches to attack surface mapping, while a third (32%) claimed they’re labouring with multiple tech stacks. As a result, only two-fifths (40%) can accurately use risk assessments to detail things like attack attempt frequency and trends, risk levels for individual assets, and industry benchmarks.  

This is leaving the organisation exposed and business leaders in the dark. Over half (51%) of respondents said that they struggle to quantify risk exposure to leadership, while only 3% believe their C-suite fully understands cyber-risk at present.  

“We already knew that organisations are concerned about a fast-expanding digital attack surface with limited visibility. Now we know that they also need urgent help to discover and manage cyber risk across this environment,” said Sharda Tickoo, Technical Director at Trend Micro.   

She added that in many cases, the challenge is compounded by siloed point solutions. Organisations must search for a single platform that gives them the certainty and security they require,” Tickoo said.  

Many (39%) respondents are investing in platform approaches to improve visibility and control. It’s believed that siloed point solutions can lead to coverage gaps and integration challenges which allow threats to thrive.  

Along with improved visibility (38%), respondents reported faster breach detection (35%) and accelerated response (34%) as the biggest advantages of consolidating security in this way, the report said.