From the latest Sophos State of Cybersecurity 2023 Report: The study revealed that today’s reality is a two-speed cybersecurity system with adversaries and defenders moving at different speeds. Through automation, cybercrime “as-a-service” models, stealthy impersonation, and adaptation, adversaries are accelerating and can now execute a wide range of sophisticated attacks at scale. With 94% of organizations experiencing a cyberattack of some form in the last year, all companies – regardless of size or revenue – should assume they will be a target in 2023.
Business Impact: The Situation Has Financial, Operational and Resourcing Consequences
This two-speed system has a considerable impact on the wider organization. The direct financial repercussions of a cyber incident are huge and already wellknown, with the average cost to a small or mid-sized organization to remediate a ransomware attack coming in at $1.4 million1 . These incident clean-up costs are, however, just part of the story
Recommendation: Accelerate the Defender Flywheel to Move Ahead of Adversaries
Enabling defenders to overtake attackers in the 2023 cybersecurity race requires a comprehensive, but straightforward approach. Firstly, organizations need to set up an incident response process that can scale, achieved through minimizing the attack surface and the volume of alerts that require attention, and optimizing response time by leveraging specialist services. Next, they need to implement adaptive defenses that automatically adjust to the situation. This allows them to slow down adversaries and buy defenders time to respond. Finally, they also need to set up a virtuous cycle that combines technology and human expertise to turbo-charge defenses, enabling an increase in speed, efficacy, and impact. Together they accelerate the defender flywheel, enabling them to pull ahead.
Want to learn more? Read the entire Sophos 2023 Cybersecurity Report.