Sunday, February 5, 2023
HomeCyberSecurityResearch: Preventative Approach Could Block 90% of Cyber-attacks


Research: Preventative Approach Could Block 90% of Cyber-attacks

Despite growing awareness of the dangers of cyber-attacks, many organisations are loath to adopt a preventative approach – until they’re hit.

New research has found that 90% of high-level managers believe that most cyber-attacks are avoidable with a preventative approach.

In its ‘Cybersecurity: Prevention Is Better than the Cure’ report, Tanium explored reactive versus preventative cybersecurity measures. It surveyed UK-based IT decision makers across a variety of industries including public sector, financial services, healthcare, and retail.

Of its respondents, 92% said they had experienced a breach at some point in the past, 82% within the last 24 months, and 73% in the last 12 months.

However, despite this awareness, the study shows that IT teams neglect to implement preventative cybersecurity measures for reasons such as a shortage of technical skills and budget-allocation delays from boards of directors.

Respondents from 86% of organisations compromised by a breach in the last six months believed that more investment in preventative measures (such as tools or staff training), would have minimised incidents.

According to the research, boards only approve new cybersecurity funding after an incident has occurred.

In 80% of cases, C-suite decision makers believe the risk of cyberthreats is increasing and expect 2022 to be the worst year yet in terms of the number of attacks.

For IT decision makers that experienced a cyber-attack in the last six months, 86% feel that senior leadership is likely to invest in cybersecurity only after suffering an attack; 75% state that “some cybersecurity incidents needed to happen” in order to get increased investment from leadership.

Loss of productivity resulting from downtime is cited as the most damaging impact of a cyber-attack, with 56% of all respondents citing it.

The report warned that preventative approaches are missed opportunities for IT teams.

A total of 68% of respondents believe that a predominantly preventative approach to cybersecurity is best, with a primarily reactive approach being favoured by only 32%.

The skills gap and overwhelmed IT and security teams have caused preventative security measures to take a lower priority. 55% of organisations agree that there is insufficient staff or resources to focus on a preventative security approach to cyber-attacks.

Larger organisations are more likely to adopt a preventative approach, with 70% of firms with 500+ employees citing prevention as preferable. 60% of organisations with 250-499 employees agreed.

85% of all respondents surveyed agreed that there is a greater cost to recover from a cybersecurity incident than to prevent one.

“Many organisations focus too much on cybersecurity point solutions like antivirus, rather than adopting a holistic, data-driven approach to prevention,” said Tanium chief architect for EMEA Oliver Cronk.

“As our research shows, many damaging security incidents – even those resulting from more sophisticated attack vectors – could have been prevented. In fact, more than half of the breaches we see could have been avoided by maintaining baseline cyber-hygiene standards.

“The current situation is the equivalent of leaving your front door and windows open and only locking them after a burglary has taken place,” Cronk added.


Suggest an Edit to this article

Go to Home Page

Bookmark (0)
Facebook Comments Box


Please enter your comment!
Please enter your name here
Captcha verification failed!
CAPTCHA user score failed. Please contact us!

Scottish Culture