"A Third of Global Organizations Were Breached Over Seven Times in the Past Year"
Security researchers at Trend Micro have discovered that 32% of global organizations have had customer records compromised multiple times over the past 12 months as they struggle to profile and defend an expanding attack surface. The researchers published their findings in Trend Micro's semi-annual Cyber Risk Index (CRI) report. The CRI calculates the gap between organizational preparedness and the likelihood of being attacked, with -10 representing the highest level of risk. The researchers found that the global CRI index moved from –0.04 in 2H 2021 to –0.15 in 1H 2022, indicating a surging level of risk over the past six months. The researchers noted that this trend is also reflected elsewhere in the data: the number of global organizations experiencing a "successful" cyberattack increased from 84% to 90% over the same period. Unsurprisingly, the number expected to be compromised over the coming year has also increased from 76% to 85%. Some of the top preparedness risks highlighted by the researchers are related to attack surface discovery capabilities. It is often challenging for security professionals to identify the physical location of business-critical data assets and applications. Overall most organizations rated the following as the top cyber threats in 1H 2022: business email compromise (BEC), clickjacking, fileless attacks, ransomware, and login attacks (credential theft).