Threatlist: 68% of Overwhelmed IT Managers Can’t Keep Up with Cyberattacks

Most respondents in a recent survey say they’re losing the battle despite having up-to-date protections in place.

IT managers feel overwhelmed by the volume of cyberattack attempts, with most of them admitting that successful hacks of their company networks are becoming the norm.

That’s according to a research report, The Impossible Puzzle of Cybersecurity, released Friday. In a survey of 3,100 IT managers across 12 countries (at organizations with 100 to 5,000 employees), two out of three (68 percent) said their organizations suffered a cyberattack in 2018, despite efforts to prevent them. This is despite the fact that a full 26 percent of IT’s time, on average, is spent on cybersecurity issues.

Nine out of 10 respondents (91 percent) said they were running up-to-date cybersecurity protections at the time of a successful attack, according to Sophos, which published the report.

“This reveals that, despite good intentions and behaviors, threats are getting through,” according to the report, released Friday. “This may be through weaknesses in the cybersecurity, or because there are security holes that haven’t been plugged or gaps in their protection – while an organization might have been running up-to-date endpoint protection, this doesn’t mean all other devices were secure.”

The survey also showed that attacks are coming via multiple channels, including email (accounting for 33 percent) and web (30 percent), software vulnerabilities (23 percent), unauthorized USB sticks or other external devices (14 percent), and more. However, worryingly, a fifth (20 percent) of IT managers said they didn’t know how their networks were compromised.

In terms of the attacks that succeeded, over half of them (53 percent) were phishing attacks; a third (35 percent) resulted in malware infections; another 35 percent pointed to software exploits; and 30 percent said they were hit with ransomware.

IT managers consider their greatest risk to be phishing emails (50 percent flagged this as the number-one threat), followed by software exploits (45 percent). Third on the list is people, including internal staff, contractors and visitors.

“We humans are ranked a top-three security concern by 44 percent of respondents, and clearly present IT teams with quite a different type of cybersecurity challenge,” the report noted.

Wi-Fi security also weighs heavily on the minds of IT managers, with more than a third (36 percent) ranking it as a top-three concern, followed by unknown devices (31 percent).


IT managers surveyed also mentioned a shortage of key skills on staff, which makes it that much harder to keep up with the volume of incidents and the scope of risks. Most respondents (86 percent) said that they needed more skills to combat threats, but 80 percent also said that they struggled to recruit the right people. Two-thirds of respondents said that their budgets for people and technology were too low.

Unsurprisingly, the inability to fend off attacks has led to significant concerns on the part of IT managers: Data loss was the number one concern for 31 percent of respondents, followed by cost and damage to the business (21 percent).



  • Eric on

    One thing I've done is put a firewall in every office and only allow traffic between them as is necessary. If a computer in one office is compromised, it will have a much harder time spreading the malware through our office network. And, of course, the firewalls are kept up to date on patches. Also, all wifi connections are outside the office firewall, not the internal network. We don't have anyone using laptops for work, but everyone has their cell phones and those cell phones are not permitted access inside the office firewall. We also have an outer firewall that basically acts to severely limit incoming connections. Also, for ssh, only certain user accounts may be used at all. For those accounts, the level of security depends on their source IP address -- if it is not from a known source IP address or network, only connections using RSA or DSA keys are permitted. It helps a lot to do it this way. Before we began doing this, employees would freely give out the wifi passwords to their friends who would then use their laptops and cell phones on our internal network. Now, with the wifi outside our network, we don't even have wifi passwords to limit access so that employees aren't tempted to try to plug their friends' and visitors' computers into our office network. It's easy for them to stay away from the office network -- connecting to the office network is difficult.
  • Tam Nguyen on

    Most of the companies do not want to hire at least very good security professionals who have been there, done that. They tend to hire the ones with CISSP and other paper certification and thought somehow that would scare all the hackers away. Some pay security professionals very cheap and expect them to work on firewalls, vulnerability scanning, pen-test and everything in between. I keep telling family and friends that if the number of companies got hacked wouldn't rise to at least 2 folds, I'd be very surprised.
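
The SSH policy described in Eric's comment above (a short list of permitted accounts, with key-only logins from unknown source addresses) maps onto OpenSSH server configuration roughly as follows. This is an added example, not the commenter's actual configuration; the account names and the 192.0.2.0/24 "known" network are placeholders, and allowing passwords from the known network is an assumption about what the lower security level means.

```conf
# /etc/ssh/sshd_config fragment (constructed example).
# Account names and the 192.0.2.0/24 network are placeholders.

# Only these accounts may log in over SSH at all.
AllowUsers deploy opsadmin
PermitRootLogin no

# Default for any source address: public-key logins only.
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no

# Known office network (assumption: passwords are tolerated here).
# Match blocks must come after the global settings they override.
Match Address 192.0.2.0/24
    PasswordAuthentication yes

# Checks before reloading sshd:
#   sshd -t                                     # syntax check
#   sshd -T -C user=deploy,addr=203.0.113.10    # effective policy, unknown source
#   sshd -T -C user=deploy,addr=192.0.2.15      # effective policy, known source
```

Comparing the `passwordauthentication` line in the two `sshd -T` outputs confirms that the Match block applies only to the intended source range.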
