According to Trend-Micro, 54 percent of organizations worldwide are dissatisfied with the maturity of their cyber risk assessment capabilities. This comes with an increased risk of falling victim to phishing, supply chain attacks and other threats. […]
31 percent of Austrian IT and business decision makers surveyed by Trend Micro say they have problems with risk assessment when managing their digital attack surface. As a result, 82 percent of respondents feel the risk of phishing attacks, closely followed by software supply chain vulnerabilities (81 percent) and cloud infrastructure failures (77 percent).
The difficulty companies have in assessing risk also leaves their boards in the dark: 45 percent of IT decision makers see a challenge in quantifying the company’s level of risk for the executive level. Only four percent believe their boards currently fully understand cyber risk. This is an opportunity for companies to consult external expert knowledge.
41 percent of respondents have already invested in a platform-based approach to attack surface management in their organization, while nearly half (47 percent) say they will do so in the future. Those who already have a cybersecurity platform in use see better transparency (36 percent), faster attack detection (32 percent), lower costs (31 percent) and relief for their internal IT staff (26 percent) as advantages.
Many Austrian companies (28 percent) still map the attack surface manually. 29 percent report complexity issues due to the presence of multiple tech stacks. This could explain why only some of the respondents are able to fully present the following aspects of their risk assessment:
- Action plans to prevent exploitation of specific vulnerabilities (41 percent)
- Industry benchmarks (39 percent)
- Frequency of attack attempts (34 percent)
- Trends in Attack Attempts (33 percent)
- Risk classification of individual assets (32 percent)
- Impact of a security incident in a specific area (31 percent)
Trend Micro already knows from countless customer conversations that companies are concerned about an overgrown and opaque digital attack surface, said Richard Werner, Business Consultant at Trend Micro. The research results also showed that they also urgently needed support in cyber risk assessment, according to Werner: “In many cases, the challenge is compounded by silo-like use of individual solutions. In contrast, an integrated platform approach ensures the required level of security.”
Those interested can find further study results in English at www.trendmicro.com/explore/trend_global_risk_research_2.