Traditional Security Methods Cost Businesses Millions Annually

One of the reasons there are so many network breaches is traditional security approaches relying on reactive, detect-and-respond measures and manual processes are not able to keep pace with the volume, variety and velocity of current cyber threats.

Skybox Security’s latest research revealed that 27% of executives and 40% of CSOs say their organizations are not prepared for today's rapidly shifting threat landscape. Organizations experienced 15% more cybersecurity incidents in 2021 than in 2020. In addition, material breaches jumped 24.5%.

The top four causes of the most significant breaches reported by the affected organizations were:

• Human error
• Misconfigurations
• Poor maintenance/lack of cyber hygiene
• Unknown assets.

"What's notable about this list is that all of these conditions result from mistakes or manual processes inside organizations — which means they are all, in principle, avoidable," said Ran Abramson, threat intelligence analyst, Skybox Research Lab. "The clear implication is that, however pernicious external threats have become, cybersecurity teams still have the power to repel them."

Meanwhile, organizations shifting to modern, risk-based strategies are more successful in preventing breaches.

Firms with fewer breaches ranked higher in cybersecurity progress as measured by the NIST framework. Organizations with no breaches also took a risk-based approach to cybersecurity. Forty-eight percent of organizations with no breaches in 2021 had implemented risk-based cybersecurity management strategies.

Those who took a risk-based approach excelled in key areas beyond the NIST framework, including attack surface visibility and context, attack simulation, exposure analysis and risk scoring.

"To prevent breaches, CISOs must make a strategic shift to taking a strategic risk-based view of reducing actual exposure," said Gidi Cohen, CEO and founder, Skybox Security. "CISOs need to validate and report on how they're taking measurable, proactive steps to reduce risk systematically and reduce the financial impact a breach could have on their company."

Risk-based methods save companies millions of dollars annually and prevent damage to reputation, customer trust, company morale and market standing by mitigating breaches.