Dive Brief:

• A study released Monday found that 79% of security and IT professionals lack strategies to mitigate external internet threats.
• The study, from the Ponemon Institute and BrandProtect, found that the majority of the 505 enterprises and financial institutions surveyed need better resources and infrastructure to identify and mitigate threats such as "executive impersonations, social engineering exploits and branded attacks arising outside a company’s traditional security perimeter."
• Those surveyed said they suffered an average of 32 cyberattacks per year, which costs an average $3.5 million annually.

Dive Insight:

Respondents pointed to lack of staff expertise and technology as key challenges to their ability to address external threats. Though there is a general awareness of the potential dangers, respondents said lack of resources prevents them from implementing strategies to prevent attacks. Those surveyed described their security processes for internet and social media monitoring as non-existent (38%), ad hoc (23%) or inconsistently applied throughout the enterprise (18%).

Respondents said that monitoring the internet and social media is critical to gaining intelligence about external threats.

"The majority of security leaders understand that these external internet threats imperil business continuity," said Larry Ponemon, president of the Ponemon Research Institute. "The study highlights a gap in defenses against threats that have proven to be extremely effective for cybercriminals and costly for enterprises."

The costs of these cyberattacks is also rising. Those companies surveyed averaged more than one cyberattack per month. And, if a company suffers a data breach, it will cost an average of $7.01 million, according to a Ponemon Institute and IBM study released last month.