More than a third of businesses have no response plan in place for cyber attacks, a study has found.
In a survey by F5 Networks of attendees at the Infosecurity Europe show in London, an alarming number felt unprepared should their organisation be hacked.
A recent government report found the average cost of a severe online security breaches for large organisations now starts at £1.46 million – up from £600,000 in 2014.
>See also: Top 6 cyber security predictions for 2016
F5’s survey also highlighted the broad nature of the threats security pros are facing. Asked what their top three security concerns were, network attacks (19%), malware (18%) and application data breaches (17%) were all highlighted, with DDoS attacks (16%), cloud-related data breaches (14%) and web fraud attacks (13%) closely behind.
DDoS attacks remain common, with 35% believing their business has either definitely or very likely suffered an attack.
When asked what their primary solution was for a DDoS attacks, respondents listed firewalls (33%), hybrid mitigation (17%) and web application firewalls (14%) as the top three.
In terms of types of DDoS attack, respondents listed ‘blended DDoS’ attacks (26%) as the biggest threat followed by ‘application level’ (25%) and ‘volumetric-based’ (19%).
Extortion-driven attacks (15%) scored bottom – surprising considering the increasing number of cyber-ransom style attacks reported in the media.
The survey also revealed that hybrid DDoS mitigation (17%) was a more popular solution than an on-premise DDoS mitigation approach (15%).
>See also: How blockchains are redefining cyber security
“Considering barely a week goes by without a high profile hack or data leak, it is very surprising that as many as 36% of businesses are yet to put in place a cyber-attack response plan,” said Gad Elkin, security director EMEA at F5. “Secondly, it is interesting to see that security professionals were unable to name a clear primary threat when asked for their top three security concerns.
“The fact issues such as network attacks, malware, application breaches, DDoS and cloud-related data breaches all scored within a few percentile points of each other highlights the range of threats out there, and the significant task facing security professionals whose job it is to keep businesses, users and customers safe.”