Radware released their Global Application & Network Security Report 2015-16. The report outlines top-level findings of the Radware industry survey on cyber attacks in the past year and offers best practice advice to organizations in planning for cyber-attack protection in 2016.
The report observes that the new generation of cyber attackers are demonstrating more patience and persistence, leveraging "low and slow" attack techniques that misuse application resources rather than those in network stacks. In order to avoid detection and mitigation, they are using evasive techniques, which can prove highly destructive.
Mr Nikhil Taneja, Managing Director - India & SAARC at Radware said, "Many organizations are still relying on a patchwork of solutions that may not be effective in dealing with the new types of cyber threats that involve multiple vectors. Organizations will need to deploy more robust security solutions that can fully protect them against all types of attacks."
The Radware survey was conducted across 311 respondents representing a wide variety of organizations globally. The key findings of the survey include
More than 90% organizations reported they had experienced cyber attacks in 2015.
Education and Hosting industries moved from "Medium" to "High" risk, indicating that they are likely to experience more DoS/DDoS and other cyber-attacks and at a higher frequency.
While over 60% indicated being well prepared to safeguard against unauthorized access and worm and virus damage, the same proportion of respondents indicated somewhat not prepared against advanced persistent threats (APT) and information theft.
There is an increase in adoption of Hybrid Solutions that integrate cloud-based protection with on premise protection. In 2015, 41% of survey participants indicated utilizing a hybrid solution. In 2014, just 21% said the same.
While reputation loss was still the biggest business concern after a cyber-attack, the percentage citing it as such decreased significantly from 47% in 2014 to 26% in 2105. More respondents are concerned about customer loss or service availability.
There's been a significant growth in ransom as motivation for attackers, which increased from 16% in 2014 to 25% in 2015.
DDoS attacks continue to be the biggest threat for organizations as noted by almost half of the respondents, while unauthorized access follows as a close second.