Some of the world's biggest firms have been hit multiple times by hackers this year alone

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)

A third of organizations have been hit with multiple cyberattacks this year, often resulting in the compromise of customer data. 

A new report from cybersecurity experts Trend Micro, which claims businesses are struggling to defend an attack surface that just keeps getting bigger. 

Surveying more than 4,100 businesses across North America, Latin America, Europe, and Asia-Pacific, the researchers concluded that the level of risk grew significantly between H2 2021, and H1 2022. It found the number of firms expecting to be successfully hit rose from 84% to 90% compared to H1 2021, while the number of those expecting to be compromised over the coming year grew from 76% to 85%. 

Complex IT environments

For Jon Clay, VP of threat intelligence at Trend Micro, hybrid working is making life difficult for IT departments everywhere. 

"You can't protect what you can't see. But with hybrid working ushering in a new era of complex, distributed IT environments, many organizations are finding it difficult to eradicate growing security coverage and visibility gaps. To avoid the attack surface spiraling out of control, they need to combine asset discovery and monitoring with threat detection and response on a single platform."

One of the biggest risks, when it comes to cyberattack preparedness, is related to the organization’s capabilities to discover its attack surface. Security professionals are struggling to identify the actual physical location of business-critical data assets, as well as applications, the researchers are saying. 

From the business perspective, on the other hand, the misalignment between CISOs and business executives is another major concern. In other words, bringing in more cybersecurity professionals, as well as improving security processes and technologies, is the way forward, Trend Micro says. 

Overall, the biggest threats these days are business email compromise, clickjacking, fileless attacks, ransomware and malware, and credential theft. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.