On average, one in two companies worldwide have suffered multiple attacks from the same hacking group, a new report from AtlasVPN claims. What’s more, almost two-thirds (61 percent) of those attacked did not remediate the flaws that made them vulnerable, making the criminals’ jobs that much easier.
Of all the companies, those in the UK seem to be suffering the most (55 percent), followed by those in the States and Canada (50 percent), Europe (49 percent), and Latin America (48 percent).
The organizations are mostly vulnerable in the cloud (65 percent), but they’re also susceptible to DDoS attacks (60 percent), phishing and social engineering attacks (52 percent), malicious insider threats (45 percent), and DNS-based attacks (44 percent).
One of the biggest challenge, for 69 percent of the respondents, is systems generating too many low-value security alerts and forcing IT teams to address them before “reaching” highly important alerts – as many see it as wasting the IT team’s time.
Another problem is the chronic staff shortage. In total, six in ten have a shortage of in-house experts that could use security technologies, 56 percent lack the staff to pick up the workload, and 53 percent can’t find enough workers to deliver “lasting data-driven outcomes”.
“As long as organizations do not address existing vulnerabilities and security issues, they risk being hit by cybercriminals again,” commented Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN.
“Organizations should prioritize internal processes that they can control over external security risks that they cannot.”