Cyberattacks reported by 91% of firms in 2022: report

by Chris Lange

Chris Lange, FISM News


Cyberattacks have increased by 3% from last year, with 91% of polled firms reporting at least one cyber incident over the past 12 months, according to a new study conducted by management consulting firm Deloitte. More than half of respondents reported that cyberattacks disrupted their operations.

The survey was conducted among 1,000 “cyber decision-makers” in 20 countries representing six industries.

“Since our previous report in the last quarter of 2021, global industries have continued to navigate constant disruption on multiple fronts, while adjusting their priorities, business initiatives, and capabilities accordingly,” the report stated.

The study found that 76% of respondents said that they have turned to automation “to detect and mitigate cyber risk,” up from 53% in 2021. However, 47% said they lack the “skilled cybersecurity” personnel needed to mitigate risks. 

The report noted an increase in cyberattacks on businesses over the past year. Checkpoint, a cybersecurity solutions firm, found that global cyberattacks were up 28% in the third quarter compared to the same period last year, with healthcare listed among the top industries targeted. 

“With cyber threats growing and advancing around the globe, there is no architecture or approach that can guarantee absolute security and risk mitigation,” Emily Mossburg, Deloitte Global Cyber Leader, said in a statement. “We’re now seeing cyber transcend its traditional IT roots and become an essential part of future-proofing businesses — which will be critical in the year ahead as digital transformation continues to be a top investment.”

The report notes that, as cyberattacks have increased, global firms have been forced “to navigate constant disruption” that has forced organizations “to adjust their priorities and business initiatives to consider the latest technologies, while also working with extended ecosystems to develop solutions — including data protection and privacy, cyber cloud, infrastructure security, and application security.”

Deloitte said its findings underscore the need for organizations to invest in increasing their cyber efficiency and resilience. 

“To enable growth, organizations need to focus on hiring and developing the right cyber talent, executing thorough digital planning, and partnering with extended ecosystems, all while incorporating cyber into strategic business initiatives,” the report concludes.

The Biden administration created a Cyber Safety Review Board (CSRB) in February of this year to “review and assess significant cybersecurity events so that government, industry, and the broader security community can better protect our nation’s networks and infrastructure.” The CSRB was formed in response to “vulnerabilities discovered in late 2021 in the widely used log4j software library” that the U.S. Department of Homeland Security said had been “exploited by a growing set of threat actors,” presenting “an urgent challenge to network defenders.”

In a bit of good news, the survey found that 86% of “cyber decision-makers” reported that an increased focus on implementing cybersecurity measures “has made a significant, positive contribution to business,” according to Deloitte.  

“This year’s report shows how cyber is now woven more tightly into business operations, outcomes, and opportunities,” Mossburg said.