Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Risk Management & Resilience
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

VMware releases 2021 Global Security Insights Report

Issue 3 2021 Information Security

VMware released the findings from the fourth instalment of the Global Security Insights Report, based on an online survey of 3 542 CIOs, CTOs and CISOs in December 2020 from across the globe. The report explores the impact of cyberattacks and breaches on organisations and details how security teams are adapting to these challenges.

Accelerated digital transformation has caused security teams to face evolving threats as cybercriminals seize the opportunity to execute targeted attacks exploiting fast-tracked innovation and the anywhere workforce. Close to 80% of organisations surveyed experienced cyberattacks due to more employees working from home, highlighting the vulnerabilities in legacy security technology and postures.

“The race to adopt cloud technology since the start of the pandemic has created a once-in-a-generation chance for business leaders to rethink their approach to cybersecurity,” said Rick McElroy, principal cybersecurity strategist, VMware. “Legacy security systems are no longer sufficient. Organisations need protection that extends beyond end points to workloads to better secure data and applications. As attacker sophistication and security threats become more prevalent, we must empower defenders to detect and stop attacks, as well as implement security stacks built for a cloud-first world.”

The Global Security Insights Report provides intelligence on the cybersecurity landscape, attack and defence trends, along with the security priorities for organisations this year to maintain resilience. The key findings include:

• A lack of urgency despite surge in material breaches. 81% of respondents have suffered a breach in the last 12 months with four out of five breaches (82%) considered material. Yet, security professionals have underestimated the likelihood of a material breach. Only 56% say they fear a material breach in the next year and just over one-third (41%) have updated their security policy and approach to mitigate the risk.

• Resurgence of ransomware and remote work creates unpredictable attack surface. 76% of respondents said attack volumes had increased – with majority pointing to employees working from home as the cause – and 79% said attacks had become more sophisticated. Cloud-based attacks were the most frequently experienced attack type in the past year, whereas the leading breach causes were third-party apps (14%) and ransomware (14%).

• Cloud-first security strategies are now universal. 98% of respondents already use or plan to use a cloud-first security strategy. But the move to cloud has expanded the threat surface. Nearly two thirds (61%) agree they need to view security differently now that the attack surface has expanded. 43% of respondents said they plan to build more security into their infrastructure and apps and reduce the number of point solutions.

• Applications and workloads are top CISO concerns. Applications and workloads are viewed as the most vulnerable points on the data journey. 63% of respondents agree they need better visibility over data and apps in order to pre-empt attacks. 60% of respondents also shared that their senior leadership team feel increasingly worried about bringing new applications to market because of the growing threat and damage of cyberattacks.

• Security concerns are holding back adoption of AI. The next frontier for business innovation may be artificial intelligence, but more than half of respondents (56%) say that security concerns are holding them back from embracing AI and machine learning.

The pandemic and shift to anywhere work have undoubtedly changed the threat landscape requiring security teams to transform their cybersecurity strategies and stay one step ahead of attackers. Key focus areas for the coming year must include improving visibility into all end points and workloads, responding to the resurgence of ransomware, delivering security as a distributed service and adopting an intrinsic approach to cloud-first security.

For a clearer picture on the evolving threat landscape as well as actionable guidance and recommendations for this year and beyond, download the full report at https://www.carbonblack.com/resources/global-security-insights-report-2021-intelligence-from-the-global-cybersecurity-landscape/




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What are MFA fatigue attacks, and how can they be prevented?
Information Security
Multifactor authentication is a security measure that requires users to provide a second form of verification before they can log into a corporate network. It has long been considered essential for keeping fraudsters out. However, cybercriminals have been discovering clever ways to bypass it.

Read more...
SA's cybersecurity risks to watch
Information Security
The persistent myth is that cybercrime only targets the biggest companies and economies, but cybercriminals are not bound by geography, and rapidly digitising economies lure them in large numbers.

Read more...
Cyber insurance a key component in cyber defence strategies
Information Security
[Sponsored] Cyber insurance has become a key part of South African organisations’ risk reduction strategies, driven by the need for additional financial protection and contingency plans in the event of a cyber incident.

Read more...
Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Read more...
Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Read more...
AI augmentation in security software and the resistance to IT
Security Services & Risk Management Information Security
The integration of AI technology into security software has been met with resistance. In this, the first in a series of two articles, Paul Meyer explores the challenges and obstacles that must be overcome to empower AI-enabled, human-centric decision-making.

Read more...
Milestone Systems joins CVE programme
Milestone Systems News & Events Information Security
Milestone Systems has partnered with the Common Vulnerability and Exposures (CVE) Programme as a CVE Numbering Authority (CNA), to assist the programme to find, describe, and catalogue known cybersecurity issues.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.