NEW

The True Cost of a Security Breach

Arrow pointing right
ExtraHop Logo
Contact us
Menu iconX icon
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right
Sign In
Contact us

Arrow pointing leftBlog

2023 Global Cyber Confidence Index: Pay Down Cybersecurity Debt or Get Sent to Collections

Michael Clark

April 12, 2023

Like other kinds of debt, cybersecurity debt only gets worse over time if you don’t address it. The unpatched software vulnerabilities, unmanaged devices, shadow IT, and insecure network protocols won’t just go away on their own. And, like other debts, it eventually comes due. But it won’t be a bank or even a shady loan shark who asks you to pay up. It’ll be a ransomware gang or a state-backed hacking group.

Escape the Cybersecurity Debt Spiral

In the second edition of the Global Cyber Confidence Index, ExtraHop worked with Wakefield Research to survey 950 IT decision makers from the U.S., Europe, and Asia-Pacific about their security practices and postures, experiences with ransomware, and confidence in their organization’s security measures. The results may surprise you.

Over three quarters of respondents said that outdated cybersecurity practices have contributed to at least half of the cybersecurity incidents they’ve faced. But how many incidents is that, exactly? We found that the average number of ransomware incidents organizations face is on the rise. In 2021, organizations experienced four attacks over five years, on average. By 2022, that figure reached four over the course of one year. That’s alarming.

Cybercriminals and state-backed actors have made a lucrative trade out of capitalizing on organizations’ cybersecurity debt. We found that 83% of survey respondents have paid a ransom at least once. Worse still, 52% pay the ransom most or all of the time; that’s up 12% from 2021. When you factor in the size of the average ransom payment ($925,000, according to Palo Alto Networks Unit 42) and the fact that many ransom-takers leave backdoors so they can strike again and again, the cost of cybersecurity debt starts spiraling fast.

You’d think with all this in mind, more organizations would be working to pay down their cybersecurity debt. But that’s not what our research shows. Fewer than one third of respondents have urgent plans to address outdated security practices.

Starting to think it’d be a good idea to pay down your cybersecurity debt? Read the full 2023 Global Cyber Confidence Index report to learn the leading causes of cyber debt and how you can start remediating it.

Discover more

CybersecurityIndustry TrendsC-LevelSecurity Threats

Explore related articles

How one Retailer Prevented a Repeat Ransomware Attack

April 14, 2022

Most ransomware victims see repeat attacks. Learn how one security team used ExtraHop Reveal(x) to detect dormant ransomware before it could strike twice.

RansomwareCybersecurityStoriesHow-ToNDRProductsIndustry-Specific
Read articleArrow pointing right

The Truth About Cyber Risk: CISOs Confront Ethical Dilemmas

March 22, 2023

CISOs face increasing pressure to downplay cyber risks and incidents; these ethical dilemmas can have disastrous personal and professional consequences.

CybersecurityIndustry TrendsNewsC-Level
Read articleArrow pointing right

CrowdStrike Threat Report Highlights Shift in Attacker TTPs

March 16, 2023

Findings from the CrowdStrike 2023 Threat Report underscore the need to combine EDR with NDR solutions to defend against changing attacker TTPs.

NDRRevealXCybersecuritySecurity Threats
Read articleArrow pointing right

Experience RevealX NDR for Yourself

Schedule a demo
Contact us