Hackers are becoming increasingly sophisticated, and the cost of cyberattacks is predicted to rise to US$6 trillion by 2021 – from US$3 trillion in 2015 – turning up the heat on security professionals.
But as the workload of cybersecurity teams increases, employees run the risk of becoming overworked and overwhelmed.
A recent study by Goldsmiths, University of London, and Symantec surveyed 3,000 chief information security officers and senior cybersecurity decision-makers across the UK, France, and Germany.
Here's what they discovered.
64% cybersecurity decision-makers ready to quit
It found that almost two thirds (64%) had considered quitting their jobs (64%) or leaving the industry altogether (63%) – a problem for a sector facing a skills shortage.
The same study found that just under half of those questioned said they believed their security teams lacked the necessary skills to combat the threats their organization faced.
Tight budgets exacerbate the issue.
Deloitte's 2019 future of cyber survey 2019 found that while digital transformation is moving forward rapidly, risk management accounts for less than 10% of cyber budgets. In the survey, 15% of respondents revealed they were struggling to prioritize cyber risk across their businesses.
The risks and costs are genuine.
To top it off, the great Twitter hack illustrated, in July 2020, that the danger might come from insiders as well.
57% of data breaches involve insiders
So, while it's usually malicious outsiders that we think of when considering cyber threats, it's often people inside a company that are the danger.
Verizon's 2019 Insider Trading Report found that 57% of data breaches involved insider threats.
#1. Misuse of privileges
It also found that 20% of cybersecurity incidents and 15% of data breaches were due to misuse of privileges.
Corruption is another issue keeping cybersecurity teams awake at night.
In 2018, Amazon accused several employees of taking part in a bribery scheme that compromised customer data, while AT&T employees were found to have planted malware on the company networks.
Meanwhile, ransomware is on the increase, and many of these incidents begin at the employee level.
#4. Social engineering
#5. Poor password hygiene
Poor password hygiene within companies has also contributed to problems. When employees use easy-to-guess passwords, the information can be used to access company data even when the network is secure.
When faced with all of these challenges, there's a real danger that overworked cyber professionals overlook a crucial detail that leads to a data breach.
Businesses and governments worldwide have already become increasingly aware of the need to keep data secure.
According to Deloitte's survey, a cyber-secure future lies in greater collaboration and awareness between businesses and security organizations.
And it looks like we're heading in the right direction, with businesses all over the world already taking steps in protecting individuals' data.