Most British businesses have suffered a data breach in the past year, with executives saying cyber attacks were becoming more sophisticated.
That's according to a survey of 250 C-level business leaders across the UK by security firm Carbon Black, which said data breaches and hacking attacks were becoming the "new normal".
Of the businesses polled, 84% said they'd suffered a data breach within the last year, with the same number reporting an overall increase in the number of attacks they faced. Larger companies reported a doubling in attack volume, while smaller businesses said attack frequency had increased by 57%. Nine in ten of those surveyed said they believed that attacks were becoming more sophisticated.
"As we analyse the findings of our third UK Threat Report, it appears businesses are adjusting to the 'new normal' of sustained and sophisticated cyberattacks," said Rick McElroy, head of security strategy at Carbon Black. "Greater awareness of external threats and compliance risks have also prompted businesses to become more proactive about managing cyber risks as they witness the financial and reputational impacts that breaches entail."
Not all data breaches had a financial cost though. The survey revealed about a third of incidents had a financial impact, with only one in ten leading to severe damages. However, three quarters of respondents said they suffered reputational damage.
Three quarters of British business leaders also said they were more confident in their own security abilities with half saying they feel a little bit more confident, and 29% saying they felt a lot more confident while nine out of ten business leaders surveyed reported they planned to increase their security budgets in the coming year.
"As the cyber defence sector continues to mature, businesses are becoming more aware of the tools at their disposal and the tactics they can use to combat cyberattacks," said McElroy. "We believe this growing confidence is indicative of a power shift in favour of defenders, who are taking a more proactive approach to hunting out and neutralising threats than previously."
He pointed to the use of proactive threat hunting to stop attacks before they start, with 75% of companies saying they'd spotted attack activity using such techniques that likely would have gone unnoticed previously.
Custom malware is the most frequent form of attack, though Carbon Black also reported a rise in phishing attacks against companies and they're the vector that causes the highest number of successful breaches, according to the survey. Carbon Black said that phishing trend suggests hackers are still targeting users as the weakest link.
That makes it no surprise that a quarter of CIOs would like a bigger team to battle the security threat, but it could prove a challenge with more than half of companies surveyed saying that recruiting and training specialist security staff is harder this year than last.
