lolloj - Fotolia
While 43% of those polled said targeted attacks had increased by more than 20% to 40%, one-fifth said attacks had increased by at least 40% or more.
There has also been a significant increase in the number of successful cyber attacks in the past year, according to 41% of those polled.
Only 47% of the respondents said confidence in their organisations’ ability to detect and respond to a cyber attack had risen in the past 12 months, while 33% said confidence was unchanged, and 17% said confidence had decreased.
More than half also said they do not have the visibility necessary for accurate tracking of all the threats targeting their networks, with 38% saying they were unable to accurately track all threats because there are just too many.
In July 2015, a Ponemon Institute study showed that enterprises in Europe, the Middle East and Africa are spending 272 hours a week or nearly £516,000 a year on average dealing with false positive cyber security alerts.
Organisations are dealing with nearly 10,000 malware alerts a week, but only 22% are considered reliable and only 3.5% are deemed worthy of further investigation, the study revealed.
Many security industry experts believe that because successful cyber attacks have become inevitable, organisations should ensure that at least some of their security budgets is dedicated to building the capability to detect and respond to cyber intrusions, and not just to blocking attacks at the network perimeter.
Read more about nation-state attacks
- The problem of attribution and the disclosure dilemma continue to hamper cyber diplomacy, but the US might just have cracked the attribution problem, according to former diplomat David An
- A survey has revealed that 53% of UK citizens are concerned about other countries launching damaging cyber attacks against the UK
- The lack of cyber security is a major threat to the civilised world and will change how people see the nation state, says security firm Stonesoft
“Organisations know they are being actively targeted and that their current capabilities aren’t enough to consistently detect and defend against these attacks,” said Tim Erlin, director of IT security and risk strategy for Tripwire.
“While new defensive technologies are constantly being developed organisations are hard-pressed to deploy these new tools effectively,” he added.
According to Erlin, many organisations would do well to evaluate their investment in foundational security controls. “Although these controls are not new, they are the backbone of effective breach detection and response,” he said.