By Chris Skinner via Iris.xyz

We talk a lot about cybersecurity, fraud and risk, but are we too complacent about it? We have all these stats and figures:

  • According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is still delivered by email.
  • Out of the 1,300 IT security decision makers surveyed for cyberark Global Advanced Threat Landscape Report 2018, 56 percent said that targeted phishing attacks were the top security threat they faced.
  • Ponemon’s 2017 Cost of Data Breach study found that organizations were able to identify data breaches on average within 191 days. That might sound like a shockingly high number—it’s more than six months!—but it’s marginally better than 2016’s figure, which was 201 days.
  • Ponemon pegs the average cost of a single attack at $5 million, with $1.25 million—a quarter of the total—attributable to system downtime, and another $1.5 million (30 percent) to IT and end user productivity loss.
  • According to Thales’ 2018 Data Threat Report, 64 percent of respondents around the world feel that adhering to compliance requirements is a ‘very’ or ‘extremely’ effective way to keep data secure.
  • According to the 2018 IDG Security Priorities Study, 69 percent of companies see compliance mandates driving spending.
  • According to the Business Advantage State of Industrial Cybersecurity 2017 report, 54 percent of companies sampled experienced an industrial control system security incident within the past twelve months—and 16 percent had experienced three or more.
  • 2018 report from Trustwave produced some dispiriting numbers when it comes to Internet of Things (IoT) security:
    • 64 percent of surveyed organizations have deployed IoT devices, and another 20 percent plan to do so within the next year
    • But only 28 percent of those organizations consider their IoT security strategy to be “very important,” and more than a third think it’s only somewhat important, or not important at all

Click here to read more on Iris.