40% of organizations are unprepared for phishing attacks

Cyber risks, ransomware and cyberattacks were analyzed in a recent report by Viking Cloud. According to the surveyed companies, cyberattacks have increased in frequency (49%) and severity (43%) over the past 12 months. 

The report found that 96% of companies are confident in their ability to detect and respond to cyberattacks in real time. However, the same companies were unprepared for cyber risks, including ransomware attacks against a critical third party (48%), phishing attacks (40%), DNS attacks (33%) and ransomware attacks against their business (32%). 

According to the report, 53% reveal emerging AI attack methods are creating new attack points for which they are unprepared. The most worrying AI threats include Generative AI (GenAI) model prompt hacking (46%), Large Language Model (LLM) data poisoning (38%), Ransomware as a Service (37%), GenAI processing chip attacks (26%), Application Programming Interface (API) breaches (24%) and GenAI phishing (23%). 

Fifty-five percent of companies believe modern cybercriminals are more advanced than their internal team, and 35% reported the technology cybercriminals use is more sophisticated than the tech to which their team has access. 

The report found that 10% of companies have increased cyber hiring in the past 12 months, and nearly 20% of companies say a lack of qualified talent is a key challenge to overcoming cyberattacks. Thirty-five percent of companies don’t have enough budget to invest in new tech and 32% don’t have enough budget to hire more staff. 

According to the report, 33% of companies were late to respond to cyberattacks because they were dealing with a false positive, and 63% spend more than 208 hours per year managing false positives. Overall, 68% of cyber teams surveyed could not currently meet The Securities and Exchange Commission’s four-day disclosure requirement and cyber industry benchmark based on the average amount of time they estimate it would take to respond to a new, serious attack. 

Read the report.