Businesses are failing to secure their networks against cybersecurity threats, even though they think they're sufficiently prepared if an attack should happen, according to new research by SolarWinds MSP.
The report found 87% of IT executives think their systems are robust enough to prevent attacks, yet 71% of those same companies had experienced a data breach over the last year.
The cost of not being sufficiently prepared for a data breach is huge, SolarWinds explained, with an average price tag of between £59,000 for small businesses and £724,000 for larger enterprises. In fact, 77% of businesses that had been targeted said their loss wasn't just monetary, but also included operational downtime, legal action agaist them or loss of business.
"Our findings underscore the problems that contributed to the ‘WannaCry’ ransomware’s ability to cause so much damage around the globe," John Pagliuca, general manager of SolarWinds MSP, said. "These results beg the question, ‘how can IT leaders feel so prepared yet still be exposed?’"
He claimed that one of the main reasons IT leaders are so ill-prepared is that they are confusing IT security with cyber security and as a result, their infrastructure doesn't stand up to modern threats.
"The former is what companies are talking about when they think about readiness," Pagliuca added. "However, what they often don’t realise is that cyber security protection requires a multi-pronged, layered approach to security that involves prevention, protection, detection, remediation, and the ability to restore data and systems quickly and efficiently.
One of the missing pieces to the puzzle is sufficient training, SolarWinds explained, with only 16% of businesses saying they've prioritised security training staff, yet 32% of data breaches were caused by internal sources.
"The overconfidence and failure to deploy adequate cybersecurity technologies and techniques at each layer of a company’s cyber security strategy could be fatal," Pagliuca concluded.
