In recent years, we have seen an increasing number of cyber attacks on businesses, and have witnessed how compromised accounts can sometimes have disastrous consequences. In our Security Operations Centre, we protect our customers against these cyber attacks by investigating security alerts and blocking cyber-attacks. Our cyber experts have analysed over eleven thousand alerts from the past year to date. In this blog, we share the results of this analysis and discuss the trends we have seen over the past year.
Chance of being hacked is 1 in 5
The chance of being hacked as a business has been increasing for years now. According to our data analysis, 1 in 5 businesses would be the victim of a cyber incident with impact, even if an antivirus solution and firewall are present. The main attacks are ransomware and 'business email compromise' (phishing), with approximately equal numbers of incidents between the two.
On average, a customer is hacked 0.3 times. Due to some companies being affected by hacking more than once, the chances of your business being affected by a cyber incident come out to a shocking 1 in 5. Our analysis also shows a significant number of hacked accounts among businesses, highlighting the importance of monitoring changes in access or appearance of accounts as clear warning signs of a security breach. This likelihood depends on various factors, including the security measures and cyber security practices in place.
5 out of 100 businesses have already experienced a data breach
Traditionally, cybersecurity has been represented as a castle, with a high wall being built primarily to keep out intruders. If this wall is breached, intruders and attackers can often roam freely on the inside. To prevent impact in case of a break-in, it is crucial to have guards on the inside in addition to the wall, so that you can quickly intervene when you see someone who does not belong there. That is what we achieve with Managed Detection and Response (MDR) among other things. Our software and experts monitor your systems and signal any unusual or unsafe behaviour, so that cyber attacks can be quickly detected, and the impact can be avoided.
According to our research, 5 out of 100 businesses have already been hacked before becoming a customer of Eye Security. In most cases, these are back doors in the castle wall that are left ajar to be used as an entrance later. If a company installs Eye Security's software, the system will immediately sound the alarm in the event of misuse of the back door. We also actively search for back doors to remove them before they can be used. This process involves identifying vulnerabilities in your systems and securing login details and other sensitive information. It is also advisable to monitor the dark web for potential data breaches and take precautions to secure personal information after discovering any leaks online.
Experts reduce impact by 80%
The effectiveness of cyber security measures is largely dependent on the expertise of the individuals managing them, rather than the technology itself. According to our research, only 20% of impact reduction comes from the implemented software, while 80% can be attributed to the experts who evaluate the alerts. In other words, implementing Endpoint Detection & Response without a good team to evaluate the alerts has limited impact on the security of businesses.
Unfortunately, cybersecurity experts are extremely scarce and it is almost impossible - and unaffordable - for an average company to hire such a specialist. This means that this expertise must be outsourced. This is the added value that Managed Detection and Response offers over just an EDR solution. In addition, an MDR service often includes more services than just Managed EDR, such as monitoring Microsoft 365 or Google Workspace environments against phishing attacks, and monitoring the online attack surface for misconfigurations and other major risks.
Insurance is better
While the number of cyber incidents is generally on the increase, it is decreasing among companies with cyber insurance. This is not surprising: insurers are increasingly setting stricter security requirements for companies before they insure them. These extra requirements help make organisations more secure and resilient. However, it also means that fewer and fewer companies are eligible for cyber insurance. The MDR solution from Eye Security guarantees that you can get cyber insurance.
ROI of cyber security
Our customers would have been hacked an average of 0.3 times last year. We have calculated the average damage this would have caused, distinguishing between business email compromise and ransomware attacks. By comparing this with the costs of Eye Security's services, we can calculate the return on investment of Eye Security's security package. This is over 300% and shows that cyber security measures pay off.
.png?width=600&height=300&name=Image_impactexperts_EN%20(1).png)
Find out more
Are you looking for more information on the cyber security landscape and the resilience of businesses? Our infographic provides additional statistics and insights. Click here to download it free now.
Frequently Asked Questions
What are the chances of being hacked?
The chances of being hacked depend on various factors, including the effectiveness of your security measures, the sophistication of hackers, and their knowledge of the vulnerabilities in your systems. On average, businesses have a 1 in 5 chance of experiencing a cyber incident with impact.
What are some common types of cyber attacks?
Common types of cyber attacks include phishing, ransomware, malware, and business email compromise. These attacks specifically target online accounts, sensitive information, and login details to gain unauthorized access to your system.
How can I protect my online accounts and sensitive information with two-factor authentication?
To protect your online accounts and sensitive information, use strong, unique passwords for each account, enable two-factor authentication, and regularly update your software and systems. Additionally, you should be cautious of phishing attempts and avoid clicking on suspicious links or attachments. Securing your email account is crucial as it serves as a gateway to other accounts, and a compromised email account could allow hackers to request password resets for other accounts, leading to unauthorised access and financial loss.
What security measures should businesses implement to reduce the risk of being hacked?
Businesses should implement comprehensive cybersecurity measures to minimise the risk of compromised accounts, including firewalls, antivirus software, intrusion detection systems, and regular security audits. Training employees on best practices for cyber security and conducting regular vulnerability assessments are also crucial tools.
How does Eye Security help protect against cyber attacks?
Eye Security offers Managed Detection and Response (MDR) services that monitor your systems for unusual or unsafe behavior. Our experts analyze security alerts, investigate potential threats, and take action to prevent cyber attacks from causing damage.
Can I completely eliminate the risk of being hacked?
While it is impossible to completely eliminate the risk of being hacked, implementing robust cyber security measures and staying informed about the latest threats can significantly reduce your risk. Regularly updating your software and systems, training employees, and conducting security audits are essential practices.
What should I do if my computer or network is compromised?
If your computer or network is compromised, immediately disconnect from the internet to prevent further damage. Contact your IT department or a cybersecurity expert to investigate and mitigate the breach. Change your passwords and monitor your accounts for any suspicious activity.
How do hackers steal sensitive information and money?
Hackers use various methods to steal sensitive information and money, including phishing attacks, malware or other types of malicious software, and exploiting vulnerabilities in your systems. They may also use social engineering techniques to trick individuals into revealing login and password details or other sensitive data.
What is the role of cyber insurance in protecting businesses?
Cyber insurance helps businesses recover from the financial impact of a cyber attack by covering costs such as data recovery, legal fees, and business interruption. However, insurers often require businesses to implement specific security measures to qualify for coverage.
What are the warning signs of hacking?
Recognising the warning signs of hacking early can help you take swift action to protect your online accounts and sensitive information. Here are some key indicators that your account or system may have been compromised:
-
Unusual login attempts: If you notice login attempts from unknown locations or devices, it could be a sign that your account has been compromised. Always monitor your login history and be alert to any unfamiliar activity.
-
Suspicious emails or messages: Be cautious of emails or messages that ask you to reveal sensitive information or contain links or attachments that lead to malware or phishing scams. These are common tactics used by hackers to gain access to your accounts.
-
Changes to account settings: If you notice changes to your account settings or profile information that you did not make, it could be a sign that your account has been hacked. Regularly review your account settings to ensure they remain secure.
-
Unusual activity on social media accounts: If you see posts or messages on your social media accounts that you didn’t send, it could be a sign that your account has been compromised. Monitor your social media activity and report any suspicious behavior.
-
Data breach notifications: If you receive notifications about data breaches related to your accounts, it could be a sign that your sensitive information has been exposed. Take these notifications seriously and take immediate action to secure your accounts.
-
Malware or antivirus software alerts: If your antivirus software alerts you to malware or suspicious activity on your device, it could be a sign that your device has been compromised. Run regular scans and keep your antivirus software up-to-date.
-
Unusual credit card charges: If you notice unusual charges on your credit card, it could be a sign that your financial information has been stolen. Monitor your financial statements regularly and report any unauthorised transactions to your bank.
-
Identity theft: If you notice signs of identity theft, such as unfamiliar accounts opened in your name or unexplained credit inquiries, it could be a sign that your personal information has been compromised. Regularly check your credit reports for any suspicious activity.
How can you recover?
If you suspect that your account or system has been hacked, it’s crucial to act quickly to minimize damage and prevent further unauthorized access. Here are the steps you should take:
-
Change your passwords: Immediately change your passwords for all accounts that may have been compromised. Use strong, unique passwords for each account to enhance security.
-
Enable two-factor authentication: Enable two-factor authentication (2FA) to add an extra layer of security to your accounts. This makes it more difficult for hackers to gain access, even if they have your password.
-
Run a virus scan: Run a full virus scan on your device to detect and remove any malware. Ensure your antivirus software is up-to-date to provide the best protection.
-
Monitor your credit reports: Monitor your credit reports for any suspicious activity or unfamiliar accounts. This can help you detect signs of identity theft early and take appropriate action.
-
Contact your bank: Report any suspicious activity or unauthorized transactions to your bank immediately. They can help you secure your accounts and prevent further financial loss.
-
Update your antivirus software: Ensure your antivirus software is updated to the latest version. This helps protect your device from new threats and vulnerabilities.
-
Be cautious of phishing scams: Be vigilant about phishing scams that may try to trick you into revealing sensitive information. Avoid clicking on suspicious links or attachments in emails or messages.
-
Use unique passwords: Use unique passwords for each of your accounts to prevent hackers from accessing multiple accounts with a single password. Consider using a password manager to generate and store complex passwords.
-
Keep your software up-to-date: Regularly update your software and systems to ensure you have the latest security patches. This helps protect against known vulnerabilities.
-
Consider using a password manager: A password manager can help you generate and store unique, complex passwords for all your accounts. This enhances your overall security and makes it easier to manage your passwords.
-
