Every year, Forrester delivers the Forrester Analytics Business Technographics® Security Survey, which gives us insight into the current state, challenges, and forward-looking priorities of security decision-makers. This year, we analyzed the data to see how digital transformation hesitancy, disaster recovery preparedness, and balancing expectations with data affect the cost and effects of breaches. Our research, included in The 2021 State Of Enterprise Breaches report, revealed the following:
Sixty-three percent of organizations were breached in the past year, 4% more than the year before. In the past 12 months, organizations faced an average of three breaches. It's not surprising that this was less than in the previous year, given the shift to remote work during the COVID-19 pandemic. Regions that hesitated to address challenges with business alignment were breached at a higher rate than those that addressed such challenges early on.
Enterprises spend a median of 37 days and a mean of $2.4 million to find and recover from a breach. Globally, organizations took a median of 27 days to find an adversary and eradicate an attack and a median of 10 days to recover from a breach, totaling 37 days to find and recover from a breach. Costs came out to a global mean of $2.4 million in total per breach.
Concerns over types of breaches are far afield from reality on the ground. Security decision-makers are more concerned about external attacks than any other attack vector, at 47%. Breaches come in various ways, however, and are much more evenly spread in frequency among external attacks, lost/stolen assets, internal incidents, and third-party providers.
The findings in this research go far beyond what is mentioned above to dig into how geographic differences played an outsize role in how enterprises were affected by breaches. In the full report, we dive into the nuances by region and analyze why these nuances came about. Through our findings, we highlight the following key takeaways for security professionals:
The future waits for no one. Procrastinating on digital transformation efforts and other IT priorities works … until an urgent forcing function changes everything. As security professionals, you need to advocate for technology updates internally to help the organization be more flexible, adaptable, and prepared for dramatic shifts, which will continue into the foreseeable future.
Following metrics leads to better outcomes. With the constant drumbeat of headline-making breaches, it's not surprising that security professionals are most concerned with external attacks. It's important, however, to lead your organization with data and metrics to ensure that you aren't missing attacks from other, more prevalent vectors. Adjust your strategy according to the data, not the headlines.
Adapting to regional challenges within global companies is imperative. Not all regions are built the same — geopolitical conflict, regulations, culture, staffing availability, and other world events greatly influence the rate of breaches and timely response. Your global strategy will face challenges in different regions because of this. Adapt your timelines, strategy, and metrics to address regional limitations, and set appropriate expectations.
This post was written by Analyst Allie Mellen and it originally appeared here.