How can you tell when you've been hit by a cyber attack? It's not always immediately obvious that cybersecurity has been breached, but detection and response are critical. Immediate detection dramatically reduces the average cost of recovery – from $1.2m to $102,000 for larger companies, according to a report by Kaspersky Lab. New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks advises organisations to think ahead, saying that prevention is still the best strategy but that being in a position to identify a breach is extremely important.
The main findings of the report were:
Targeted attacks make conventional approaches to cybersecurity obsolete
Targeted attacks have become one of the fastest growing threats in 2017, increasing in overall prevalence by 6% compared to 2016 and by 11% for enterprises. Comprising not just common malware but a unique malicious pattern that cybercriminals are using on organizations, a targeted attack is extremely dangerous for companies that rely solely on conventional approaches to cybersecurity.
Companies are unsure of how to respond to a targeted attack
As there’s no such thing as a common approach to fighting complex threats, businesses are struggling to understand how to deal with targeted attacks, with 42% of respondents admitting that they are unsure of the most effective response strategy. Worryingly, this figure is significantly higher (63%) among respondents who are IT security experts.
Need for more IT security professionals
A lack of IT security experts, especially those with specific knowledge in SOC management, incident response and threat hunting, is aggravating the situation. Half of businesses (50%) admit that they need to hire more experienced IT security professionals and a shortage of internal dedicated staff increases exposure to targeted attacks by 15%.
Reluctance to spend more on security
However, organizations are reluctant to increase their security spend on protection against targeted attacks: 78% of respondents think they are currently spending enough, or even overspending, when it comes to investing in advanced threat defence.
Speed of detection is critical to reduce cost
Meanwhile, there is a clear need for security solutions that go beyond prevention, as speed of detection is critical when it comes to the cost of breaches. When attacks were detected immediately, the average cost of recovery was $63,000 for SMBs and $102,000 for enterprises, compared to $465,000 and $1.2m respectively if detection took more than one week.
Solution involves human expertise
Finally, efficient incident response is not just about technology. To be able to effectively combat complex cyberthreats, organizations need to think about it as a process, not a destination. In addition to the right technologies, the strategy should also involve human expertise (in house or outsourced), incident investigation frameworks, procedures and cost-efficiency planning.