Report: 88% of companies have experienced cyberattacks in the last two years

Despite companies around the world continuing to raise their cybersecurity budgets in the middle of an economic crisis, it is understood that almost 90% of organizations have been compromised by cybersecurity threats in the last two years, with 45% of companies reporting a known attack in the last 12 months alone (57% in Europe). A new report from automated security validation platform Pentera has highlighted how attacks have continued on organizations despite 92% of companies actually raising their overall IT security budgets in recent years.

The report, titled “The State of Pentesting 2023” surveyed 300 security executives who hold VP or C-Level positions in companies with more than 1,000 employees. Respondents were split between the U.S., the UK, and Western Europe and recorded their responses at the end of 2022. In 2021, cyberattacks were more common for American companies but that shifted last year with a new focus on European companies. Given the high number of reported attacks, it is clear that current defense strategies deployed by companies are insufficient in preventing cyber breaches.

Pentesting is a security exercise where a cybersecurity expert attempts to find or exploit vulnerabilities in a computer system (Photo: Shutterstock)

It is well documented that the Covid-19 pandemic amplified the significance of cyber insurance for companies, given that work-from-home patterns increased surface areas for hackers and weakened security for companies, increasing the frequency and intensity of attacks. In the last few years, 92% of organizations have utilized a defense-in-depth strategy, and yet the approximately 44 security solutions they have in place are proving no longer sufficient enough to adequately prevent attacks.

Pentesting is a security exercise where a cybersecurity expert attempts to find or exploit vulnerabilities in a computer system. The simulated attack is intended to spot weak spots in a system’s defense which could be taken advantage of by hackers. According to the report by Pentera, pentesting and IT security budgets have been increasing to meet these new challenges, with 42% of respondents in Europe reporting a 10% increase in their budgets compared to 17% in the U.S. However, only 22% of these companies cite compliance as their primary motivation for the activity, now shifting to security validation as the primary motivation for such a thing. On average, companies are spending roughly $208,000 on an annual pentesting budget, compared to $100,000 in 2020.

Pentera was founded in 2015 by Arik Liberzon (CTO) and Arik Faingold and has raised a total of $189 million. The Pentera platform automatically uncovers real exposures in the environment of organizations. By challenging its entire IT attack surface, the company can safely copy the actions of an attacker and provide real-time security validation at scale.