As you probably know by now (if you’ve read any of Adaptive’s previous articles), cyber-attacks have risen dramatically since the onset of Covid. In an article, Varonis wrote, “We’ve compiled more than 160 cybersecurity statistics for 2022. [Adaptive has reduced the number of statistics to a tidy ten.]
These statistics will help show the need for cybersecurity in all facets of business. These stats include data breaches, hacking stats, different types of cybercrime, industry-specific stats, spending, costs, and information about the cybersecurity career field.
Influential Cybersecurity Statistics and Facts
Unfortunately, most cybersecurity breaches are caused by human error. Considering the skills shortage in cybersecurity, this trend isn’t likely to subside anytime soon. We’ve outlined more details to provide you with an idea of the field as a whole, along with the overall impact of cyberattacks.
- 95 percent of cybersecurity breaches are caused by human error
- 68 percent of business leaders feel their cybersecurity risks are increasing
- 54 percent of companies say their IT departments are not sophisticated enough to handle advanced cyberattacks
- The top malicious email attachment types are .doc and .dot which make up 37 percent; the next highest is .exe at 19.5 percent
- The average time to identify a breach in 2021 was 212 days
- More than 77 percent of organizations do not have an incident response plan
- Malware increased by 358 percent
- Ransomware attacks rose by 435 percent
- Smaller organizations (1 to 250 employees) have the highest malicious email rate
- Cyber fatigue, or apathy to proactively defending against cyberattacks, affects as much as 42 percent of companies.”
What is Cyber Fatigue?
According to Cisco’s CISO Benchmark Study, Cyber Fatigue is defined as ‘virtually giving up on proactively defending against malicious actors.’ 42% of respondents reported suffering from cyber security fatigue. More worrying, 96% of those fatigued respondents complain that managing a multi-vendor environment is extremely challenging.
Talent wrote, “These days, logging into your workplace’s online database can feel like going through a full identity check for the police. There are so many passwords, pin numbers, and questions that it’s no wonder you get tired of having to go through a myriad of security precautions every time you want to access a certain file or service.
This attitude, while understandable, is known as cybersecurity fatigue, and it could be detrimental to the safety of your business’s information. This fatigue can lead to risky computer behavior as even experienced IT professionals become desensitized and overburdened by extensive security measures and constant threats.”
SecureWorks added, “A lot of the stress you experience at your job is caused by the sheer volume of alerts generated by your security monitoring tools. There are just so many of them! It’s not always clear which ones require your immediate attention – or which ones you can treat with lower priority.
Worse yet, eventually you and your team may reach a point where the noise overwhelms the signal. When this happens, teams can start to burn out and lose focus. Research from ESG reveals that nearly half of daily alerts were ultimately determined to be false positives and 91% of organizations chose to run only in log or monitor mode, or turn their security tools off completely.”
Example of Multi-Factor Authentication (MFA) Fatigue
According to OneLogin, “Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.
MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.”
At Adaptive Office Solutions, MFA is a key component in a multi-layer cyber plan, but not all MFA methods are created equal. In an article, BleepingComputer wrote, “Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue.
When an organization’s multi-factor authentication is configured to use ‘push’ notifications, the employee sees a prompt on their mobile device when someone tries to log in with their credentials. These MFA push notifications ask the user to verify the login attempt and will show where the login is being attempted.
An MFA Fatigue attack is when a threat actor runs a script that attempts to log in with stolen credentials over and over, causing what feels like an endless stream of MFA push requests to be sent to the account’s owner’s mobile device.
The goal is to keep this up, day and night, to break down the target’s cybersecurity posture and inflict a sense of “fatigue” regarding these MFA prompts. In many cases, the threat actors will push out repeated MFA notifications and then contact the target through email, messaging platforms, or over the phone, pretending to be IT support to convince the user to accept the MFA prompt.
Ultimately, the targets get so overwhelmed that they accidentally click on the ‘Approve’ button or simply accept the MFA request to stop the deluge of notifications they were receiving on their phone.
Therefore, if you are an employee who is the target of an MFA Fatigue/Spam attack, and you receive a barrage of MFA push notifications, do not panic, do not approve the MFA request, and do not talk to unknown people claiming to be from your organization.
Instead, contact the known [cyber security specialists] for your company, your IT department, or your supervisors and explain that you believe your account has been compromised and is under attack. You should also change the password for your account if possible to prevent the hacker from continuing to log in and generate further MFA push notifications.
Once your password has been changed, the threat actor will no longer be able to issue MFA spam, giving you and your admins room to breathe while the compromise is investigated.”
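One way an identity team could spot the pattern described above in MFA logs, added here as an example and not taken from BleepingComputer or any MFA product: flag a burst of unanswered push prompts, and flag with higher priority an approval that arrives right after such a burst. The record layout, result names, 10-minute window and threshold of 5 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 5                   # assumed count of unanswered prompts that marks a flood

# Constructed sample records: (timestamp, user, prompt result).
SAMPLE_EVENTS = [
    ("2022-09-01T08:59:00", "bob", "denied"),      # one stray prompt, then a normal login
    ("2022-09-01T09:00:00", "bob", "approved"),
    ("2022-09-01T02:10:00", "alice", "timeout"),
    ("2022-09-01T02:11:00", "alice", "denied"),
    ("2022-09-01T02:12:00", "alice", "timeout"),
    ("2022-09-01T02:13:00", "alice", "timeout"),
    ("2022-09-01T02:14:00", "alice", "denied"),
    ("2022-09-01T02:15:00", "alice", "timeout"),
    ("2022-09-01T02:16:00", "alice", "approved"),  # approval right after the barrage
] + [(f"2022-09-01T1{h}:00:00", "carol", "timeout") for h in range(5)]  # hourly, never a burst


def detect_mfa_fatigue(events, window=WINDOW, threshold=THRESHOLD):
    """Return (timestamp, user, alert_type, unanswered_prompts_in_window) tuples."""
    recent = defaultdict(deque)  # user -> times of unanswered prompts inside the window
    flagged = set()              # users already reported for the current burst
    alerts = []
    for ts_text, user, result in sorted(events):  # ISO timestamps sort chronologically
        ts = datetime.fromisoformat(ts_text)
        queue = recent[user]
        while queue and ts - queue[0] > window:   # drop prompts older than the window
            queue.popleft()
        if not queue:
            flagged.discard(user)                 # burst is over, allow a new report
        if result == "approved":
            if len(queue) >= threshold:
                # Highest-priority case: the user accepted after being flooded.
                alerts.append((ts_text, user, "approved_after_flood", len(queue)))
            queue.clear()
            flagged.discard(user)
        else:
            queue.append(ts)
            if len(queue) >= threshold and user not in flagged:
                flagged.add(user)                 # report each burst once, not per prompt
                alerts.append((ts_text, user, "push_flood", len(queue)))
    return alerts


if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_EVENTS):
        print(alert)
```

Reporting each burst once keeps this detector from adding to the alert volume the rest of the article warns about.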
8 Ways to Avoid Cyber Fatigue
In an article, FieldEffect wrote, “Today’s cyber security professionals often struggle with security alert fatigue. They use more tools to defend more systems than ever before, resulting in an overwhelming number of potential security threat alerts that require investigation. Teams are left feeling overworked and exhausted as they struggle to sort through high volumes of information to spot the real cyber risks and concerns that threaten their business’ operations, reputation, and data.
Each security alert creates more noise that security professionals have to manage and, eventually, they may begin to tune it out. But, just like the story of the boy who cried wolf, this is where the real danger lies. When exhaustion sets in and cyber security teams struggle to pay attention to alerts, the real cyber threats slip past unnoticed.
The good news? By understanding cyber security alert fatigue and why false positives happen in the first place, you and your team can stay focused on the issues and concerns that matter most to your business.
1. Optimize your security tech stack
Part of the cause behind alert fatigue in cyber security is the sheer volume of tools companies rely on to defend their IT environment.
In a recent survey of our Twitter community, we asked how many tools and solutions cyber security professionals use to identify and respond to threats; 25% said they were using 10 or more tools.
According to IBM research, companies with over 50 tools in their security tech stack have a harder time detecting and responding to active threats, largely thanks to the fact these tools aren’t always interoperable.
That lack of integration could lead to duplicate alerts, vastly increasing the amount of work staff must do without actually providing any additional security.
If your team is overwhelmed with alerts, take the time to conduct an inventory of your tech stack. You may be able to replace point solutions that only address one part of your IT environment with a more comprehensive piece of technology that will secure your operations from end to end.
2. Ensure security tools are integrated properly
Closely related to our previous point, tools that aren’t properly integrated with each other are a recipe for headaches and alert fatigue.
The comprehensive coverage necessary for modern security often means organizations must layer several point solutions on top of each other.
But as we discussed, not all tools are interoperable. What’s more, as there’s little incentive for vendors to create tools that play well with others, you may be stuck with an overwhelming volume of redundant security data.
Ensuring your tools are properly integrated may be time-consuming, but that interoperability can help reduce the overall number of alerts to investigate and help cut down on the number of false positives to follow up on.
3. Assess and reduce your threat surface
Your threat surface comprises every point in your IT environment where an attacker could gain unauthorized access. This includes both hardware and software:
- Desktop and laptop computers.
- Mobile phones.
- Routers, switches, and servers.
- Removable data storage, like USB flash drives.
- Smart devices, including TVs, security cameras, and other technology.
- Unsupported or unpatched software, workstations, and even servers.
- Misconfigured cloud services.
- Services and devices that connect to the internet, including those that support remote work and Internet of Things (IoT) devices such as smart speakers or security cameras.
- Web and desktop applications, including cloud-based SaaS deployments or email services.
Even something as innocuous as extra code has the potential to expand your threat surface. All code has the potential to include flaws, and if this code were exposed or left in a program, it may give an attacker another vector for targeting your IT network.
By reducing your threat surface, you’re actively removing those attackable points, or improving their defenses. With fewer attackable points, you’ll also have fewer alerts to manage and sort through.
4. Tackle quick-win security updates
One of the easiest ways a company can improve its security posture quickly and efficiently is by focusing on adopting and following a few cyber security basics:
- Know your network: Understanding what devices, technology, software, and connections occur on your network is foundational to better cyber security. Learn the ins and outs of your IT infrastructure to better understand how an attacker might target it.
- Keep software up to date: Regularly patching and updating software can help eliminate vulnerabilities as software developers identify them. One 2019 study found that 60% of breaches were linked to an available yet unapplied security patch.
- Use stronger passwords: Weak passwords mean that attacks that target users are still remarkably effective. Take the time to ensure your company is following accepted best practices and using effective password management applications.
- Use a firewall: A firewall can prevent staff from accessing (intentionally or not) known malicious websites, actively blocking them from clicking those risky links.
- Educate and train employees: Humans are often the weakest link in security. Beyond stopping them from accessing known malicious sites and links, you’ve also got to deal with social engineering attacks that prey on distraction. Train employees to recognize the signs of a phishing attempt, what to do if they think they’ve been compromised, and best practices for passwords and cyber hygiene.
5. Prioritize alerts
What alerts and warnings are important to your organization? Determining what cyber threats would have the greatest impact on your organization is a great place to start.
The high-profile anomalies in your system should be surfaced to your team immediately, but not all threats are created equal. Some can wait a few hours.
Prioritization allows your team to triage alerts and make better use of their time.
6. Adjust and fine-tune alert thresholds
Understanding the trigger for an alert can help you fine-tune when they are delivered to your team. For example, if an incorrect password entry is going to send an email alert to your team each and every time a staff member’s finger slips and hits the wrong key, then you’re likely going to have a very full inbox.
Rethink the rules that trigger a security alert. In this case, multiple rapid incorrect password attempts may be a better indicator of a brute force attack. This can help reduce the number of false positives you deal with, in turn giving your team some breathing room to focus on genuine threats.
7. Automate tasks where appropriate
People make mistakes in the best of times. When faced with the constant noise of alert fatigue, mistakes become more likely and common.
Wherever possible, take the time to automate threat investigation to take some of the burden off of busy team members.
8. Enrich alerts with greater context
As alerts are delivered to your team, consider what information is being passed on to them.
As an example, a traditional security alert may read, “Incomplete login session at 2:43 am on the 10.20.32.12.” Because a single alert takes, on average, about ten minutes to investigate, any additional information your alerts provide can save time and let your staff focus on remediation that much faster.
In contrast, an enriched, contextual alert would tell you, “There is a sustained brute-force attack by thousands of remote IPs against the Remote Desktop Service located on DESKTOP-PC10 (10.20.32.12). It is advisable to immediately firewall this system from the Internet and implement a VPN-based solution for remote access.”
Cut through the noise
Cyber attacks aren’t slowing down any time soon. It’s more important than ever that your business cut through the noise to focus on the threats that matter most. But cyber security is always changing, and you may not have time to keep your finger on the pulse of the threat landscape.”
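Points 6 and 8 above can be combined in one rule; the following is an added example, not FieldEffect’s code or any product’s rule format. A single failed login raises nothing, while many failures against one service in a five-minute bucket produce one alert that already names the asset, service, volume and number of sources. The log line format, the asset inventory, the bucket size and the threshold of 10 are assumptions, and the log lines are constructed around the host and address quoted in point 8.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed log format for this example (not a real product's format).
LINE_RE = re.compile(
    r"(?P<ts>\S+) FAILED_LOGIN dst=(?P<dst>\S+) service=(?P<svc>\S+) "
    r"src=(?P<src>\S+) user=(?P<user>\S+)"
)
# Constructed asset inventory used for enrichment.
ASSETS = {"10.20.32.12": "DESKTOP-PC10", "10.20.32.40": "FILESRV01"}
BUCKET_MINUTES = 5   # assumed aggregation window
MIN_FAILURES = 10    # assumed threshold; fewer failures never page anyone


def make_sample_log():
    """Constructed input: one mistyped password plus a burst against RDP."""
    lines = ["2022-09-01T09:15:02 FAILED_LOGIN dst=10.20.32.40 service=smb "
             "src=10.20.32.77 user=jsmith"]
    for i in range(40):
        lines.append(f"2022-09-01T02:43:{i:02d} FAILED_LOGIN dst=10.20.32.12 "
                     f"service=rdp src=203.0.113.{i % 20 + 1} user=administrator")
    return lines


def build_alerts(lines, min_failures=MIN_FAILURES):
    buckets = defaultdict(list)  # (dst, service, bucket start) -> [(time, source IP)]
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue             # ignore lines that are not failed logins
        ts = datetime.fromisoformat(m["ts"])
        start = ts.replace(minute=ts.minute // BUCKET_MINUTES * BUCKET_MINUTES, second=0)
        buckets[(m["dst"], m["svc"], start)].append((ts, m["src"]))
    alerts = []
    for (dst, svc, _start), hits in sorted(buckets.items()):
        if len(hits) < min_failures:
            continue             # isolated typos stay in the log but raise no alert
        sources = {src for _, src in hits}
        host = ASSETS.get(dst, "unknown asset")
        alerts.append({
            "host": host,
            "ip": dst,
            "service": svc,
            "failures": len(hits),
            "distinct_sources": len(sources),
            "first_seen": min(t for t, _ in hits).isoformat(),
            "last_seen": max(t for t, _ in hits).isoformat(),
            "summary": (f"{len(hits)} failed {svc} logins from {len(sources)} "
                        f"source IPs against {host} ({dst}) within "
                        f"{BUCKET_MINUTES} minutes"),
        })
    return alerts


if __name__ == "__main__":
    for alert in build_alerts(make_sample_log()):
        print(alert["summary"])
```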
5 Ways to Prevent Cyber Fatigue
LexisNexis had this to say, “Cybersecurity fatigue refers to a decreasing awareness or interest in cybersecurity and a correlating increase in risky behavior. It frequently occurs when people feel overloaded by too much information, fail to see the potential consequences of not maintaining good security, and begin to switch off. One of the most common examples of cybersecurity fatigue is people using the same password across multiple sites or portals.
Data breaches can result in huge financial and reputational damage for businesses, so it’s imperative that your digital defenses are as strong as possible. With that in mind, here are a few strategies to minimize cybersecurity fatigue in your business.
Education and empowerment is the single most important aspect in reducing cybersecurity fatigue. Employees must be educated on the business’s cybersecurity controls and empowered to speak up if they feel that these are lacking, or suspect anything untoward. Frequently sharing updated knowledge, not only about the organization’s general processes, but also the specific types of data the business holds and any additional protocols that may apply, will establish a broader sense of responsibility amongst all employees.
People must be continuously trained through exercises like phishing tests and incident response drills. Phishing tests are a great way to gamify your cyber defenses — spotting the test phishing emails will prime employees for when the real thing happens and encourage them to report it, rather than just delete the email. Similarly, educating employees on the different types of breaches and then running breach scenarios (enacting the breach response process in real-time) is a great way to tighten defense and keep employees engaged.
Recruit a hacker
A particularly eye-opening way to highlight vulnerabilities in an organization’s cyber defenses is to hire a ‘white hat’ hacker. White hat hackers are paid by companies to try to break into their systems — though they stop short of actually stealing data. White hat hackers use various tactics from standard phishing to social engineering or employee impersonation to gain access — anything a malicious hacker would do. Through this, employees can see exactly how weak security can lead to easy access — and just what is at stake!
Know your obligations
Different types of data have different obligations attached to them. Similarly, different pieces of legislation (such as Australia’s Notifiable Data Breach scheme) require certain actions of businesses in the event of a breach. Having thorough knowledge of relevant obligations helps employees quickly cut through the noise and discern what is or is not relevant to them in the busy cybersecurity landscape. This allows for a more efficient, organized approach to cybersecurity across the business as a whole.
Streamline your systems
Many businesses have data housed across multiple systems and platforms, with many people in charge — making it difficult to keep track of exactly what’s going on. Undertaking an audit of these systems and processes allows a business to corral its data.
This can help with identifying any unnecessary duplications, systemic weaknesses, or employees who have access that don’t actually require it. Regular audits of this kind should be part of any organization’s security hygiene and help to ensure that cybersecurity responsibility is allocated only where it needs to be.
As businesses become more digital-dependent, the threat of data breaches or other malicious hacks will continue to grow. Thus, it is imperative that all employees are aware of what it takes to protect the business and maintain those practices at all times. By using the techniques above, organizations can combat cybersecurity fatigue and minimize the damage from potential incidents in the future.”
At Adaptive Office Solutions, cybersecurity is our specialty. We keep cybercrimes at bay by using analysis, forensics, and reverse engineering to prevent malware attempts and patch vulnerability issues. By making an investment in multilayered cybersecurity, you can leverage our expertise to boost your defenses, mitigate risks, and protect your data with next-gen IT security solutions.
Every single device that connects to the internet poses a cyber security threat, including that innocent-looking smartwatch you’re wearing. Adaptive’s wide range of experience and certifications fills the gaps in your business’s IT infrastructure and dramatically increases the effectiveness of your cybersecurity posture.
Using our proactive cybersecurity management, cutting-edge network security tools, and comprehensive business IT solutions, you can lower your costs through systems that are running at their prime, creating greater efficiency and preventing data loss and costly downtime. With Adaptive Office Solutions by your side, we’ll help you navigate the complexities of cybersecurity so you can achieve business success without worrying about online threats.
To schedule a Cyber Security Risk Review, call the Adaptive Office Solutions’ hotline at 506-624-9480 or email us at email@example.com