A new report released by the Pew Research Center shines a light on the current cyberthreat landscape and found that most security experts believe a major attack is imminent.
The "Digital Life in 2025" study is based on responses from more than 1,600 security experts and IT leaders. More than 60 percent of survey participants said they believe there will be a large-scale attack in the near future, causing billions of dollars in damage as well as widespread harm to national security. Many of the respondents reported that they believe an attack is coming because the interconnected nature of the Internet is extremely inviting for malicious actors.
"The Internet is a critical infrastructure for national defense activities, energy resources, banking/finance, transportation and essential daily-life pursuits for billions of people," stated the Pew report. "The tools already exist to mount cyberattacks now and they will improve in coming years – but countermeasures will improve, too."
Many of the experts surveyed also noted that most Internet systems were not designed with security in mind, and the majority of organizations do not consider cybersecurity a core competency.
Cost of breaches on the rise
The Pew report comes at the same time as a study from the Ponemon Institute revealed that the average price for an enterprise experiencing a security intrusion is currently $640,000, an increase of 23 percent from last year. The "2014 Global Report on the Cost of Cybercrime" found that a large organization takes an average of 31 days to mitigate the effects of a cyberattack, at a cost of $20,000 a day.
"It is alarming to know that an unwanted adversary could invade your system, causing costly and reputation-destroying damages without you even knowing it," said Larry Ponemon, chairman and founder of the Ponemon Institute. "The ability to remain under the radar enables the adversary to invade your system even further – making it more difficult to eliminate the attack completely, and increasing overall costs."
The Ponemon report measured the cost of more than 1,700 attacks suffered by 257 large companies around the world. According to the results, cybercrime costs an average of $12.7 million per organization each year, and enterprises are each hit with 122 successful attacks annually. The report also discovered that certain industries had higher security-related costs due to a breach. The highest prices are paid by the energy and utility sectors, with financial services coming in a close second.
Reduce costs, improve security with early detection
As well as revealing the financial damage caused by cybercrime, the study highlighted the need for enterprises to employ early detection methods.
"Attackers only need one shot to gain access to an organization's data, which could result in a huge financial impact for the organization as well as reputational damage," said Ponemon. "It is critical for organizations to take preventative measures and invest in the security of their organization, as that investment could significantly decrease any financial losses that could occur from a public security breach."
In fact, security experts believe so deeply in the ability of early detection to mitigate the effects of an intrusion that the 39 percent of respondents to the Pew study that did not believe a catastrophic cyberattack is coming do so because of the creation of increasingly sophisticated defense methods. One such technology is security information and event management. With a managed SIEM service, organizations have constant monitoring of critical networks and are alerted to anomalous behavior or intrusions as soon as they are detected. A SIEM solution allows companies to greatly reduce the cost of a data breach and quickly mitigate the effects of cybercrime.