Although cyber security is a major concern for the majority of businesses, many still cannot figure out if endpoints (Opens in a new tab) been hacked or not. However, this news may not be as bad as it seems.
Cybersecurity researchers from Nozomi Networks found that more than a third (35%) of companies do not know if their organization has been hacked. However, in the past year, the figure was 48%, which indicates a strong improvement in vision.
Moreover, a quarter (24%) expressed confidence that they had not had any accidents this year, double the number compared to the same period last year.
More money, less accidents
Overall, the number of respondents who admitted that they had experienced a data breach in the past 12 months, on an annual basis, decreased from 15% to 10.5%. A third of those (35%) said engineering Workstation It was a primary carrier (double that number, compared to 18.4% last year).
The report’s authors suggest that all of these improvements come from rising cybersecurity budgets. Two-thirds (66%) said their control system safety (Opens in a new tab) The budget has gone up in the past two years (up from 47% a year ago), with 56% saying they are able to discover a compromise within 24 hours (up from 51%). More than two-thirds (69%) can now go from detection to containment within 6-24 hours.
Nearly nine in ten (87.5%) have audited their operating/control systems or networks in the past year (up from 75.9%), while a third (29%) have implemented an ongoing evaluation program. Many monitor the security of their OT (83%), with 41% of those using a dedicated OT SOC.
“In the past year, Nozomi Networks researchers and the ICS cybersecurity community have seen attacks like Incontroller go beyond traditional targets on enterprise networks, to directly target OTs,” said Nozomi Networks co-founder and CPO Andrea Carcano.
“While threat actors respect their skills in ICS, specialized technologies and frameworks are available for robust defense. The survey found that more organizations are using them proactively. There is still work to be done. We encourage others to take steps now to reduce risk and increase resilience.”