New data from TrendMicro and Ponemon shows how almost organizations globally are not fully prepared for the looming threat of almost-certain cyberattacks.

We’d all like to think our organizations are ready for any kind of cyberattack. But the recently released Cyber Risk Index report from Trend Micro covering the second half of 2021 shows that the difference between the threat landscape and organization’s preparedness remains in the favor of the cybercriminal.

The index below shows how most organizations, by region, are still in the negative, which denotes a lack of preparedness for the current threat landscape.

According to the report, despite the seemingly small negative index values, the likelihood of attacks in the next 12 months is staggering:

  • The likelihood of one or more successful cyberattacks in the next 12 months is 76%
  • The likelihood of a data breach of critical data (IP) in the next 12 months is 71%
  • The likelihood of a data breach of customer data in the next 12 months is 67%

Trend Micro advise (among other protective steps) to “implement attack surface discovery”. What I find interesting is that we already know the number one attack surface today remains the employee and their Inbox with phishing attacks still dominating as the primary initial attack vector for most cyberattacks. It’s only through continual Security Awareness Training that this well-known attack surface can be protected.

The good news is those likelihoods above have gone down since the first half of 2021, but with the likelihoods so high, it remains imperative that every attack surface be addressed, including your users.