Half of Cyber-Attacks Go Unreported

Security

Fear, ignorance and forgetfulness are some of the reasons for widespread shortcomings in reporting cyber-attacks and breaches, both internally and externally, according to a new global survey conducted by Keeper Security.

The study, Cybersecurity Disasters Survey Incident Reporting & Disclosure, was published on September 26, 2023.

It found that, despite cyber-attacks being top of mind for IT and security leaders 40% of them said they had experienced one and 74% admitted they were concerned about a future “cybersecurity disaster” impacting their organization.

The report also showed worrying shortcomings when reporting attacks, with 41% not reported to internal leadership and nearly half (48%) keeping incidents a secret from the appropriate authorities.

Why is Cybercrime Underreported?

When asked about the reasons for their lack of internal disclosure, a combined 48% of IT and security leaders said they did not think leadership would care about a cyber-attack (25%) or would respond to it anyway (23%).

The lack of reporting to authorities was largely based on the fear of repercussion (43%) and short-term concerns about harm to the organization’s brand (36%), followed by a feeling it was unnecessary (36%) and forgetfulness (32%).

“These responses underscore the importance of business leaders creating and upholding a culture of transparency, honesty and trust when it comes to cybersecurity. Cybersecurity is a shared responsibility and a fear of repercussion should never deter employees from reporting incidents that stand to cause serious harm,” reads the report.

Reporting incidents to the government authorities is also a requirement in many countries, including the UK, the EU and the US.

In a May 2023 social media campaign to debunk cybersecurity myths, the UK Information Commissioner’s Office (ICO) insisted that “Reporting a cyber incident [does not] make the incident more likely to go public [but] means you can access the wealth of support available from the UK National Cyber Security Centre and the ICO.”

Products You May Like

Articles You May Like

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
CISA and EPA Warn of Cyber Risks to Water System Interfaces
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

Leave a Reply

Your email address will not be published. Required fields are marked *