Round up: The latest vulnerability management data for 2021

There are a wealth of services, tools and platforms, like RankedRight, that have been purpose built to help you protect your business from cyberattacks. And yet, the latest vulnerability management data [released in July 2021] would suggest the battle is only getting tougher. It has never been more important to ensure your business is equipped with the best cyber tools, people and support and this article will round up the latest data that shows why.

Worldwide increase in cyberattacks

According to Checkpoint’s ‘Cyber Attack Trends: 2021 Mid-Year Report’, cyberattacks on businesses across the world have increased by 29% in the last six months alone. Broken down by region, it’s a 36% increase in EMEA, 36% growth in the Americas, and APAC has witnessed a 13% growth in attacks.

Ransomware attacks have increased by 93% compared to H1 2020 and it’s not just the stealing of organisations’ sensitive data; it’s now spread to the data of customers and partners too. This has been given the title “Triple Extortion”.

Businesses in EMEA and the Americas have experienced a 35% increase in cyberattacks in H1 2021

In case an attack on your business is successful, it pays to have a Cyber Incident Response plan in place. To get started with yours, check out our guide.

Cost of a Breach

IBM’s 2021 report ‘Cost of a Data Breach’ shows that the average cost worldwide has increased by 10% to $4.24 million.  In the US, the average cost is as high as $9.05 million with the costliest industry being healthcare at $9.23 million.  

This would cripple most businesses and as we explained in our article “The True Cost of Manual Triage”, this is just one of many costs that can be incurred if a business doesn’t address its cybersecurity approach in the best way.

The average cost of a data breach has increased by 10% in the last year to $4.24 million.

Cyber Insurance premiums are going up too

It follows that more breaches lead to more insurance claims which result in higher premiums next time as insurers try to recoup losses. And according to the latest Cyber Insurance Update from GlobalData, gross written premiums are forecast to total $8.92 billion in 2021, up from $7 billion in 2020. By 2025, it’s predicted the total will reach $20.6 billion.

Insurance premiums are forecast to increase globally by 27% to $8.92 billion in 2021.

According to the report, the key driver for this was the pandemic which presented cybercriminals with the opportunity to exploit global panic as well as businesses’ rapid digitisation of processes and adoption of remote working.

To minimise the potential increase in your insurance premium next year, read our guide ‘How to keep your cyber insurer happy’.

The causes of a breach remain the same

Interestingly, despite the increase in the number and success-rate of attacks, the cause of a breach remains the same. As Cobalt’s latest report ‘The State of Pentesting 2021’ finds, the same top five vulnerabilities have been plaguing businesses for four years in a row.  This means even though they know about them, they’re not doing enough to address them.

The top five vulnerabilities, according to the research, are:

• Server Security Misconfigurations

• Cross-Site Scripting

• Broken Access Control

• Sensitive Data Exposure

• Authentication and Sessions

Cobalt suggests the explanation for this are gaps in secure development, ineffective remediation, insufficient investment in security awareness and training, a lack of resources, or bugs staying open because of low perceived impact. Over 50% of those surveyed said the biggest obstacle to remediation of vulnerabilities was that there were too many manual processes in place.

The top five vulnerabilities facing businesses have been the same for the last four years…. And the biggest obstacle to their remediation is having too many manual processes in place.

At RankedRight, we cut out one of the biggest manual processes of all in remediation – the prioritisation of vulnerabilities. RankedRight automates your vulnerability triage based on rules you set, allowing you to divert your time and attention to where it’s needed most.

The latest reports paint a troubling picture for cybersecurity, not just this year but for years to come. Take action to improve your defences today.