Cybersecurity: 3% misery

Whenever we make a journey, physical or otherwise, it’s important to understand where we are before we decide what direction to take. Otherwise we’ll get nowhere. This is as true as ever in cybersecurity.
Russian cybersecurity portal cybersecurity.ru, citing security research company Group-IB, recently stated that only 3% of cyberattacks are detected and countered by bank IT experts. This conclusion notably relates to institutions that boast superior protection against cyber attacks. Mere mortals are obviously less successful.
That 3% is a significant drop from the 10% average attack detection reported by a similar British study a decade ago. More important, this is startling evidence of our deepening cyber security misery. What’s really vital here is for us to recognize the reality. And that reality is frightening. All these almost daily proud statements of detected “sophisticated cyber attacks,” usually followed by bravado announcements that the attack has been defeated and from now on the particular company is reliably protected, are nothing but wishful thinking.
Even if these optimistic announcements were true, the reality is that they’re based on just 3% of cyber attacks. Furthermore, these 3% represent the least sophisticated, often clumsy attacks, while the better than 97% of the attacks go undetected — and we have no idea what they are, nor what we lost in those attacks.
Until we acknowledge the reality of where we actually are in cybersecurity, we’re getting nowhere, faster and faster.

Leave a Reply