Nearly 90% businesses hit by at least one major cyber attack last year: Report

A whopping 90% of global businesses faced at least one major cyber attack, mainly using ransomware, in the last one year, says a recent report. The report by Splunk also highlights that 86% of Chief Information Security Officers (CISOs) believe that the rise of generative artificial intelligence (gen AI) could help address the shortage of skills and talent in the security field.

Jason Lee, Chief Information Security Officer at Splunk, mentions that CISOs are becoming crucial for guidance amid a complex threat landscape. This is seen as an opportunity for CISOs to strengthen an organization's security and promote teamwork. 

The extensive research, conducted from May 2023 to June 2023, involved participants from the Enterprise Strategy Group across ten countries. Among the findings, 90% of respondents reported dealing with disruptive cyber attacks in the past year. 

Various industries, including finance (59%), retail (59%), and healthcare (52%), were heavily affected by ransomware attacks. Surprisingly, 83% of organizations chose to pay the attackers, with 95% in the retail sector willing to pay directly or through cyber insurance. 

There's a noteworthy shift in organizational structure, with 47% of CISOs reporting directly to the CEO, indicating a closer relationship with the top leadership. Boards are increasingly relying on CISOs for guidance, especially in sectors like technology, government, communications, media, healthcare, and manufacturing. 

The top priorities for CISOs, as highlighted by respondents, include security testing results, the return on security investments, and the effectiveness of cyber insurance. 

Concerns about tool sprawl are prominent, with 88% of CISOs advocating for consolidating security tools. Solutions like security orchestration, automation and response (SOAR), security information and event management (SIEM), and threat intelligence are favored for streamlining processes through automation. 

Surveyed CISOs believe that generative AI can bridge the skills gap in security teams, making security functions more efficient. Currently, 35% are using generative AI for security applications, with an additional 61% considering integration in the coming year. 

Despite economic challenges, 93% of CISOs expect an increase in cybersecurity budgets, while 83% acknowledge cuts in other organizational areas. There's a perceived correlation between economic challenges and an increase in cyber threats. 

Encouragingly, collaboration among security teams, IT, and engineering is on the rise, driven by initiatives like digital transformation and cloud-native development. While 77% appreciate collaboration in incident resolution, 42% see room for improvement. 
 
In a related report by Microsoft on October 6, India is highlighted as one of the top three targeted countries in the Asia Pacific region by nation-state actors.  

Additionally, an October 10 report by Akamai notes a significant increase in cyber attacks on the financial services sector in the Asia Pacific and Japan region, reporting a 36% growth in attacks from Q2 2022 to Q2 2023, totaling over 3.7 billion attacks.