New research from Kaspersky Lab has revealed that a visible gap exists between the preventative measures European IT decision-makers say their organizations take and those they actually implement.
The cybersecurity firm surveyed IT decision makers from Germany, the UK, France, Italy, Spain and Romania to reveal that while 83 percent said they take precautions to prevent cyberattacks, only 41 percent said they provide security training to all of their employees.
Cybersecurity has gained more public attention following the high-profile data breaches and cyberattacks of the last few years. At the same time, businesses have become more aware of the complex damage a cyberattack might cause.
According to Kaspersky Lab’s latest research, 51 percent of IT decision makers would find it difficult to estimate total losses after a cyberattack due to how widespread the impact would be and this includes reputational damage to their organization.
Dealing with cyberattacks
The survey also found that when a cyberattack occurs, 79 percent of IT decision makers would like to know who was behind the attack. However, 68 percent of IT decision makers also fell that it is very rare that those behind such an attack are caught and brought to justice.
One positive aspect highlighted by Kaspersky Lab’s research is that almost one third of European businesses resort to threat intelligence reports (30%) suggesting that an increasing number of IT decision makers realize the importance of IT teams being able to rely on high-quality threat intelligence to prepare the best incident response.
Principal security researcher at Kaspersky Lab, David Emm provided further insight on the firm’s research, saying:
“Awareness regarding cyberthreats is a very basic step for organisations, as a key foundation for staying protected from cyberthreats. Our research has found that European organisations acknowledge cyber risks, but it is concerning that only one-in-10 European organisations still do not take any effective preventative measures against cyberattacks, possibly hoping that ‘maybe it won’t happen to us.
“However, it has been proven time and time again, preventative measures and proper defence are far more affordable than the impact of a disastrous attack that can even mean the end of a business. Although when a cyberattack occurs businesses would like to know who’s behind it. Unfortunately attribution is fraught with difficulties, so it’s therefore much more productive to invest in measures to reduce the risk of attack and mitigate any attack that does occur”.