Highlights:

  • The report’s main conclusions include the fact that bad actors frequently go undetected on corporate networks for long stretches of time.
  • 95% of respondents claimed to have given third-party risk assessments more attention.

According to a recent report released by big-data analytics company Splunk Inc, security leaders continue to witness increased cyberattacks and unscheduled outages.

52% of organizations claim to have experienced a data breach in the last two years, up from 49% in 2022 and 39% in 2021, according to the Splunk State of Security 2023 report. In addition, 62% of security leaders reported that, up from 54% in 2022, unplanned downtime caused by a cybersecurity incident had affected their business-critical applications at least monthly.

The report’s main conclusions include that bad actors frequently go undetected on corporate networks for long periods.

Cybersecurity-related outages increased to around 22 annually, costing, on average, about 2.7% of annual revenue. A recent Splunk report estimates that downtime can cost businesses about USD 365,000 per hour. Nearly 40% of those surveyed claimed that cybersecurity incidents directly hurt their ability to compete, and 31% claimed that they decreased shareholder value.

Despite the unfavorable headline figures, there was good news because numerous organizations are taking action to deal with these issues. Almost all respondents predict an increase in their security budgets over the next two years, with 56% stating that their budgets are already growing “significantly.”

More than four-fifth of organizations claim to be combining certain aspects of their information technology and security operations. The security leaders surveyed indicated that 58% believed convergence would aid in increasing overall risk visibility in their environment, and 55% believed improved cooperation in threat identification and response processes would result.

Organizations are also putting more effort into securing their supply chains, with 95% of respondents reporting that they have given third-party risk assessments more attention. 91% of respondents concur that one of the best tools for preventing successful ransomware attacks is improved detection, data capture, and analysis.

Well-known Splunk security strategist Ryan Kovar said, “In the organizations, we’ve worked with, resilience has been strongest with a collaborative approach in everything, from software development and infrastructure monitoring to business continuity planning. This approach brings everyone to the table, including security leaders with IT and business leaders, so they all can focus on protecting the organization.”