The vast majority of organisations expect to be hacked. For as many as 94 per cent of companies, the question is not whether this will happen, but when. Over half of the organisations have made cybersecurity a top priority, showing that awareness of the dangers of a cyber attack is high. However, the focus is now mainly on prevention, while detection and adequate handling of a potential attack still receive less attention at many organisations.

This is according to research by IT specialist Conscia in collaboration with research firm The Blue Hour. Over half of the participating organisations indicate that cybersecurity is a top priority within the organisation, two-thirds of the organisations say they have sufficient budget available for this. The average rating organisations give themselves for cybersecurity is 6.1.

The type of threat organisations are guarding against is changing. Two years ago, DDoS attacks were still seen as the biggest threat. Meanwhile, respondents say they fear ransomware, phishing and chain attacks in particular. Due to large-scale crises such as the war in Ukraine, there is more focus on protection against damage from state actors, whereas before it revolved around activities from criminal groups.

Emphasis on prevention rather than detection and response

Organisations still place the emphasis of their cybersecurity strategy on prevention. This is where 43 per cent of organisations invest the most time and energy. Detection of attacks is usually the next step, but lags far behind at 15 per cent. Only 39 per cent of organisations believe that their own Security Operations Centre (SOC) or security team is capable of responding appropriately to a cyber incident.

Maarten Werff, solution consultant cybersecurity at Conscia believes that the power of a good cybersecurity strategy lies in a broader approach: "A good strategy is about identification, prevention, detection and response. Know what is in your network, what software is deployed and make sure known vulnerabilities are patched in time. A shift from the detection strategy to what we want to protect - the user, the endpoint and the 'crown jewels', the valuable data - offers the opportunity to act quickly."

"In doing so, if it turns out that you do not have sufficient knowledge or capacity in your own organisation to effectively respond to an attack, an external 24/7 Security Operations Centre offers a solution for many organisations. For many organisations, Managed Detection & Response (MDR) provides a better answer to today's challenges than a conventional SOC or SIEM. By using intelligent sensors, MDR provides higher visibility, the ability to intervene quickly and is a cost-effective way for many organisations to establish a resistant cybersecurity strategy in a short period of time."

Source: Dutch IT Leaders
Source: Emerce