Impact of cyberattacks on average companies

A report of Fastly reveals that it takes organizations up to eight months on average to recover from the negative effects of security breaches, including compromised customer accounts and massive data loss.

The annual global cybersecurity report prepared by Fastly highlights the magnitude of cyberattacks against media companies, victims of an average of 25 known attacks this year.

This survey also reveals the financial effects hugely damaging consequences of security breaches. No sector included in the survey is more susceptible to direct economic damage caused by security breaches than media and entertainment (36%).

These companies also highlighted network outages (34%), web application disconnection (27%), data loss (27%) and customer account compromise (27%) as the most common effects of security breaches. Employees in this sector are also more likely to experience social engineering attacks than any other respondents (31%), indicating the need for these companies to implement organization-wide training to protect all their employees.

Sean Leach, VP of Technology at Fastly, notes that "attacks on the media and entertainment industry are less frequent than those directed at other industries. However, they are no less damaging and often cause significant economic damage. The low frequency of known attacks in this sector may be a cause for concern, given that each major streaming event is the subject of numerous attempts to take it offline. On the other hand, it may mean that many companies in this sector are aware of the great risk that cyberattacks pose to them and have taken measures necessary to mitigate possible damage.”

Being aware of the financial implications of not having the right security infrastructure is leading media and entertainment companies to re-evaluate their investments, with a 71% planning to increase their cybersecurity budgets in the next year.

Despite this increase, uncertainty continues to reign among security teams, with 38% of professionals feeling they spent too much on cybersecurity tools in the last 12 months, compared to 28% feeling they did not spend enough. The fact that only 62% of security tools are fully used is representative of this conflictive cybersecurity spending strategy, which represents a significant amount of underused money in the fight against cybercriminals.

The shortage of specialized security talent is also causing problems. In fact, 32% of cybersecurity professionals in the media and entertainment industry estimate that the problems of the last 12 months were due to a talent shortage, and 34% expect this situation to continue in the next 12 months. Consequently, in the last year 53% of companies in this sector have increased their specific budgets for talent. Lack of experience in threat management (53%), lack of necessary skills (40%) and inability to work at scale (40%) are the main problems that security professionals face and have significantly complicated the hiring process.

Una posible solución a estos retos es la IA Generativa, in which 53% of security professionals are expected to invest in the next two years. This is also the top security priority for businesses in the next 12 months, with 37% focused on AI security. This greater prioritization is due to the double-edged sword that Generative AI represents. On the one hand, it is expected to be the second most prevalent threat driver in the next year, but on the other, in the same period of time 66% of cybersecurity professionals estimate that the impact of Generative AI will be positive. These respondents see AI as the key to unlocking new opportunities (49%) and new jobs (42%) more than anything else.

"Despite more attention being paid to the talent availability problem for the past two years, many companies are still trying to solve it by simply spending more. While this strategy can help companies attract the best professionals, it ignores technological advances - and alternative solutions - that can help security teams overcome their staffing challenges. Among them, we have seen that Managed Security Services (MSS) and Generative AI have been priority areas, as companies seek to reduce work and increase productivity of their internal security teams by easing time-consuming tasks, thus unlocking new opportunities for innovation and ensuring that companies are better protected across their entire attack surface,” explains Leach.