"Half of Cyberattacks Go Unreported"
According to security researchers at Keeper Security, fear, ignorance, and forgetfulness are some of the reasons for widespread shortcomings in reporting cyberattacks and breaches, both internally and externally. During the study, the researchers found that despite cyberattacks being top of mind for IT and security leaders, 40% of them said they had experienced one, and 74% admitted they were concerned about a future “cybersecurity disaster” impacting their organization. The researchers also found that 41% of cyberattacks were not reported to internal leadership, and nearly half (48%) of organizations that experienced a cybersecurity incident kept them a secret from the appropriate authorities. When the researchers asked participants in the survey the reasons for their lack of internal disclosure, many participants mentioned that they did not think leadership would care about a cyberattack or would not respond to it anyway. The researchers noted that the lack of reporting to authorities was largely based on the fear of repercussion (43%) and short-term concerns about harm to the organization’s brand (36%), followed by a feeling it was unnecessary (36%) and forgetfulness (32%).