B2B Payments

Cybersecurity Researchers To Corporates: You're Being Naïve


Corporates large and small are “naïve” about their cybersecurity risks, according to a new report.

Researchers at cybersecurity analytics company RedSeal released a survey this month that explores why businesses aren't adequately approaching their security strategies, and it comes in the context of new data from IBM Security that finds U.S. firms aren't heeding advice from the Federal Bureau of Investigation about how to deal with an attack.

“Cyber naivete” is how RedSeal described many of the survey respondents of its report, conducted with data company 72Point. According to researchers, 80 percent of respondents fell into that category and are considered “ripe” targets for cyberattacks. That's despite 80 percent of CEOs expressing confidence in existing cybersecurity strategies.

That confidence is misdirected, with half of organizations prioritizing an outdated method to protect their businesses. Only 24 percent said they are proactively working to handle hackers that have already successfully attacked their companies.

“CEOs' confidence reflects a disconnect with the reality of increased cyberattacks and the massive financial losses associated with them,” the report stated, as reported by The Wall Street Journal. “In addition, their confidence is based on a strategy determined to be insufficient and out of date more than two years ago.”

In a data roundup by the publication of the latest analysis of corporate cybersecurity, researchers identified where a security breach is most likely to occur. Data security company Imperva, reports said, found that phishing attacks are more likely to be successful when a person opens an email at work (with 35 percent of phishing emails sent between 9 a.m. and noon).

But there are other areas breaches can occur: IT security firm Gemalto found that 68 percent of IT professionals said they would be OK with having employees use their own social media credentials to access company systems. Mismanaged paperwork can also be an issue, with 45 percent of ethics and compliance professionals surveyed by the Society for Corporate Compliance and Ethics and by the Health Care Compliance Association noting that lost paper files were to blame for their data breaches. Meanwhile, 20 percent cited a lost device for the cause of a breach. And TD Bank analysis found that more than a third of treasury and finance executives cite the risk of payments fraud and cybersecurity as their top challenge for the year ahead.

All of this data has flowed in as IBM Security reports another reason to be concerned about U.S. companies' cybersecurity measures.

According to the research, 70 percent of companies say they pay up when targeted by a ransomware attack — an attack in which hackers take corporate data hostage unless the victim pays a ransom — despite the FBI advising organizations not to do so, reports by CyberScoop said last week.

The majority of these companies said they paid more than $10,000 to hackers that locked corporate systems and held data hostage — a fifth said they paid more than $40,000. Further, IBM Security found that many of these targets never report the hack or details of the breach to law enforcement.

Cyberattacks are complex to prevent and challenging to take care of once they've occurred — especially for smaller businesses. But in today's climate, CyberScoop said, businesses cannot afford to let their cybersecurity strategies fall by the wayside — as research suggests they do.

“Education about phishing and hacking is effective, though it often feels out of the question for small businesses with less time and money to spare than their larger counterparts,” the outlet wrote. “But phishing remains the most used attack vector for hackers of all stripes … so it ought to be high on the priority list of any organization or individual concerned with security — and, after the year we've had, we should probably all be concerned.”



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

Click to comment