Bosses think hiring gamers will solve their identity theft woes.
Who’s best at fighting bad guys in the cyber world? Those who grew up fighting fake ones in video games.
Three-quarters of information technology executives would consider hiring a gamer even if that person didn’t have cybersecurity training or experience, says a study from cybersecurity company McAfee.
In this round up, we go over how unprepared big business is to combat a hack. From using outdated antivirus software to lacking time to investigate and respond to a breach.
Video game defense
Identity theft to companies has their executives worried and thinking outside the box on how to combat the growing threat.
Forty-six percent feel their company is going to have a hard time keeping up with the level of hacks. They also think its impossible to defend themselves against cyberthreats, according to the survey.
One solution is to increase information technology staffs by 24 percent, even though 84 percent say its difficult to find talented IT staff. And who are they most interested in hiring? Younger gamers. Seventy-eight percent say the current generation, who grew up playing video games, are strong candidates for cybersecurity roles.
“Gamers quickly learn to continually look for clues, tools and weapons in their quest for success,” the study says. “And they develop persistence, endurance, observation, and logic.”
Seventy-two percent feel hiring experienced gamers to their IT departments is a good way to “plug the cybersecurity skills gap.”
And if they’re going to take on the looming cyberthreat this year, they’d better start hiring soon. Most companies need the extra hands as soon as possible.
Little confidence, lack of time
The rate of cyberthreats continues to grow, and most businesses aren’t prepared to combat a hack in a timely manner.
Less than half are able to detect and combat a major cybersecurity incident within an hour, says a study from security company LogRhythm. Even worse, less than a third say if they detect one, the company is unable to contain the breach in one hour. Another study from security company Barkly says 45 percent of businesses don’t have adequate time to investigate and respond to a breach.
“Seemingly every month, another massive security breach dominates the headlines,” says Matt Winter, a LogRhythm vice president. “To combat these threats, organizations need to carefully plan their budgets and strategies, while developing effective programs that tackle specific threats and keep them one step ahead of cyberattackers.”
On average, companies employ 12 cybersecurity professionals. However, more than half of companies have 10 or less on staff, the study says. Lack of staffing leaves security decision makers doubtful in their company’s security.
Half of top IT workers believe a determined hacker can breach their business. More than a third say their company experienced a breach last year alone. Lack of funding is one factor contributing to insecurity.
The amount that most companies allocate to cybersecurity from their IT budgets is often on the low side, according to LogRyhthm. Executives only allocate 10 percent or less of their IT budget to security, which isn’t much, the study says.
Over half (57 percent) of IT executives said their low budgets made them feel only “moderately comfortable” with their company’s level of security. (Which means they don’t feel fully secure.) Another quarter say they’re not comfortable at all.
Identity theft doesn’t only affect private companies, it affects the public, too.
If they fail we’re in trouble
Some of America’s vital organizations are at risk for cyberthreats.
The nation’s “critical infrastructure sectors” are defined by the Department of Homeland Security as…
The essential services that underpin American society and serve as the backbone of our nation’s economy, security, and health. We know it as the power we use in our homes, the water we drink, the transportation that moves us, the stores we shop in, and the communication systems we rely on to stay in touch with friends and family.
There are 16 of these essential services in the U.S. and they’re all at risk for a breach. Almost 60 percent of executives to these organizations say they’re susceptible to security threats, says a survey from cybersecurity company Indegy.
One of the critical infrastructure services at high risk is the healthcare sector.
Seventy-nine percent of healthcare workers fear their own personal data is insecure in a hospital data base, says cybersecurity company Venafi. Many are concerned about the impact that a breach can have on the healthcare system; not just financial costs, but reputations.
Eighty-seven percent worry that cyberattacks can compromise the public’s availability to healthcare, and its reliability.
“Unfortunately, cyberattacks spread just like infectious diseases,” says senior manager of threat intelligence for Venafi Nick Hunter. “Attackers target victims with weak security hygiene, adapt quickly and have learned to use security defenses to hide malicious activities in plain sight.”
Almost half of all infrastructure organizations plan to increase cybersecurity spending in the next 12-14 months, says Indegy. That higher budget can be applied to new technology.
Most hackers have an easy time breaching the oldest, and best known anti-virus softwares.
There are many different types of breaches in a hackers tool belt, but two specifically that traditional antivirus software is being outwitted by lately.
Cloud security and ransomware are being targeted and manipulated by cyberthieves, say two recent studies.
Cloud computing stores our data over the internet rather than on a hard drive. Hackers are able to breach that information for their own purposes. Ransomware is when a hacker obtains sensitive information and holds it for a money ransom. Research shows those who pay the ransom don’t always receive their stolen information back in exchange.
Only 16 percent of companies say that legacy antivirus software is effective to manage cloud security, says a study from Cybersecurity Insiders. That leaves 84 percent, who say traditional security solutions are either limited, or don’t work at all with cloud security.
Another 53 percent of U.S. companies blame these traditional security solutions for their failed ransomware prevention, says a study from cybersecurity company SentinelOne.
Forty-five percent of these companies that were hit with a ransomware attack last year, paid the ransom. Out of those companies, only 26 percent had their stolen files unlocked. Then, those companies were attacked with ransomware again 73 percent of their following incidents.
The U.S. pays higher ransoms, on average, than any other country in the world, according to SentinelOne. The average ransom value that U.S. companies pay is $57,088, while the global average is $49,060, the study says. And it costs companies nearly $1 million to correct a ransom incident.
Companies spend $900,000, on average, in ransom costs, loss of work time, and time spent responding to the breach. Totaling 44 hours of work time to respond to a ransomware breach.
“Attackers are continually refining ransomware attacks to bypass legacy antivirus software and to trick unwitting employees into infecting their organization,” says Raj Rajamani, a SentinelOne vice president. “Paying the ransom isn’t a solution either – attackers are treating paying companies like an ATM, repeating attacks once payment is made.”
Meet the Author
Article last modified on May 16, 2018. Published by Debt.com, LLC . Mobile users may also access the AMP Version: Can Video Games Protect Your Company From a Hack? - AMP.