It’s time to catch up with cyber attackers
The cyber threat landscape has reached a critical tipping point.
According to the UK government’s 2024 Cyber Security Breaches Survey, a staggering 50% of businesses experienced some form of cyber breach in the last 12 months, with this figure rising dramatically to 70% for medium businesses and 74% for large businesses.
Phishing attacks dominate the threat landscape, accounting for 84% of business breaches, followed by email impersonation (35%) and malware (17%).
The statistics, while alarming, reveal only part of the challenge facing organizations today. The most pressing issue isn’t just the increasing frequency of attacks, but also the growing disparity between how quickly attackers can breach systems and how long organizations take to respond.
Contemporary security technologies can detect threats within minutes, yet the average time for organizations to fully identify, contain and restore systems stretches to about 20 days – with recovery times far longer. This extended vulnerability window gives cybercriminals ample time to infiltrate networks, compromise sensitive data and even establish a backdoor for future attacks.
Recent headlines have highlighted the devastating impact of delayed response times across various sectors. From the UK Air Traffic Control’s miscommunicated cyber incident last year to UnitedHealth’s delayed response to a massive data leak in April this year, as well as ongoing challenges faced by British Ambulance Services and Nuclear plant Sellafield, the impact of inadequate response times continues to be felt.
These incidents underscore a troubling reality. When organizations cannot respond swiftly to cyber threats, the consequences ripple far beyond immediate operational disruption. The financial toll is substantial – IBM reports a 10% increase on the cost of an average data breach in 2024, rising to $4.8million.
CEO and Executive Chairman, Performanta.
That said, the cybersecurity industry has made remarkable strides in developing defensive technologies, yet many organizations struggle to maximize their potential.
Modern Extended Detection and Response (XDR) platforms represent a significant advancement, offering sophisticated threat detection and automated response capabilities that can identify and neutralize threats across an organization’s entire IT infrastructure.
The latest generation of security tools also incorporates predictive capabilities, leveraging vast databases of threat intelligence to anticipate and prevent attacks before they materialize. These systems can link seemingly unrelated events across different parts of the network – in doing so, subtle patterns that might indicate an emerging threat can be identified – a key part in taking detection timelines from days to hours.
This evolution from reactive to proactive defense represents a crucial step forward in closing the response time gap. However, the form of data remains crucial. Too often, we see organizations dealing with theoretical data as opposed to actual, real-time information. Relying on the former may prove effective in theory, in practice, it’s a different story altogether. No one organization’s defense is the same.
Building a cyber safe culture
Indeed, creating an effective cyber defense requires more than deploying the latest security tools – it demands a fundamental shift in organizational culture.
Security posture assessments need to become an ongoing process rather than a periodic checkbox exercise. By continuously evaluating and adjusting defenses, organizations can identify and address vulnerabilities before attackers have the chance to exploit them. The integration of artificial intelligence and machine learning capabilities has become key to this effort, not least because it has reduced time needed to spot and investigate potential threats but also the ability to bring contextual data into play, allowing a more informed response.
Best practices for rapid response
Indeed, a robust cybersecurity strategy must seamlessly integrate people, processes and technology.
Security teams require immediate access to clear and actionable threat intelligence through intuitive interfaces that support rapid decision-making. Protection must extend across the entire attack surface, from cloud infrastructure to remote work endpoints, to create a unified defense against increasingly sophisticated threats.
Modern security platforms can automate initial containment measures, which will buy precious time for security analysts to investigate and respond to incidents. However, technology must be supported by clear protocols for incident communication and stakeholder coordination. While building these defenses requires significant investment, the potential costs of a serious breach can be markedly higher – both in immediate financial terms and long-term reputational damage.
The most effective rapid response strategies now incorporate real-time monitoring of the complete environment. In the most effective cases, this monitoring is bolstered by strong detection and response processes, which provide the correct amount of insights into each individual risk and the damage it is capable of causing. After, cyber teams can quickly understand the scope and nature of any security incident, facilitating faster and more targeted responses.
Looking ahead
A proactive security posture, supported by continuous adaptation and improvement, has become essential for survival. This means not only keeping pace with emerging threats but anticipating and preparing for tomorrow’s challenges. It means being cyber safe – not just cyber secure. The current gap between attacker capabilities and defender response times represents one of the most pressing challenges in modern cybersecurity. However, organizations that combine cutting-edge mindset backed by the right technology with robust processes and a cyber safety-conscious culture can work to close this gap. The objective isn’t merely to catch up with cyber attackers – it is to stay ahead of them.
Checkout our list of the best identity management software.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
The cyber threat landscape has reached a critical tipping point. According to the UK government’s 2024 Cyber Security Breaches Survey, a staggering 50% of businesses experienced some form of cyber breach in the last 12 months, with this figure rising dramatically to 70% for medium businesses and 74% for large…
