Despite cybersecurity investments, breaches increased in 2019

A ServiceNow study has found that despite a 24% average increase in annual spending on prevention, detection and remediation in 2019 compared with 2018, breaches increased in 2019.

According to the findings of “Costs and Consequences of Gaps in Vulnerability Response” report, there was a 17% increase in cyberattacks over the past year, and 60% of breaches were linked to a vulnerability where a patch was available, but not applied. 

The survey’s highlights:

• 34% increase in weekly costs spent on patching compared to 2018;
• 30% more downtime vs. 2018, due to delays in patching vulnerabilities;
• 69% of respondents plan to hire an average of five staff members dedicated to patching in the next year, at an average cost of $650,000 annually for each organisation;
• 88% of respondents said they must engage with other departments across their organisations, which results in coordination issues that delay patching by an average of 12 days;
• nearly 27% increase in cyberattack severity compared to 2018;
• 74% of respondents said they cannot take critical applications and systems offline to patch them quickly;
• 72% of respondents said it is difficult to prioritise what needs to be patched.

ServiceNow commissioned the Ponemon Institute to survey nearly 3,000 IT security professionals in summer 2019. Respondents are based in Australia, France, Germany, Japan, the Netherlands, New Zealand, Singapore, the United Kingdom, and the United States. Founded in 2002, the Ponemon Institute is a research center specialising in privacy, data protection, and information security policy. The report presents the consolidated findings and comparisons to the 2018 study, Today’s State of Vulnerability Response: Patch Work Requires Attention.