Nearly all businesses are expecting to face a cyberattack this year

(Image credit: Pixabay)

When it comes to cybercriminals (successfully) attacking businesses, it’s no longer a question of if, but rather when, a new report from Trend Micro has found.

Based on a poll of 3,600 businesses, Trend Micro concluded that for 86%, a serious cyber-attack in the next 12 months is “somewhat to very likely”, up from 83% a year ago. Four in five (80%) of global organizations believe it’s likely they’ll experience a data breach that impacts customer data in the coming months.

This grim outlook is, in part, due to 24% of the respondents suffering at least seven cyberattacks that infiltrated their networks and systems, while 21% had at least seven breaches of information assets (up from 19% a year ago).

Finally, a fifth said they had suffered at least seven breaches of customer data in the last year.

Consequently, customer churn, lost IP and the damage/disruption of critical infrastructure are seen as the top three negative consequences.

“Once again we’ve found plenty to keep CISOs awake at night, from operational and infrastructure risks to data protection, threat activity and human-shaped challenges,” said Jon Clay, vice president of threat intelligence for Trend Micro. 

“To lower cyber risk, organizations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive, connected platforms.”

Cloud infrastructure at risk

Businesses are mostly wary of man-in-the-middle attacks, ransomware, phishing, fileless attacks, and botnets.

Cloud computing was one of the top two infrastructure risks, with many respondents admitting to spending “considerable resources” to manage third-party risks (for example, cloud providers). Most of the time, cybersecurity experts have their hands full with organizational misalignment and complexity, customer turnover, lost intellectual property and disruption/damages to critical infrastructures. 

Going forward, CISOs would love more authority and resources to achieve a stronger security posture.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.