Businesses suffered nearly 43 million known security incidents in 2014. This increased 48% compared with 2013 and equals some 117,000 attacks daily.  And still, many boards and executives don’t have the information and resources they need to make effective business decisions on cybersecurity. AT&T is now sharing its own insights and research in its first Cybersecurity Insights Report in an effort to better equip other businesses to secure their own data.
 
Drawing upon decades of experience operating one of the largest global networks, AT&T offers a look into the technological and operational gaps where attacks occur. “Every company either has been breached or will be breached,” said Ralph de la Vega, president and CEO, AT&T Mobile and Business Solutions. “Keeping a business protected should be a company-wide priority. Every employee, contractor, and administrator is responsible for keeping security top of mind.”
 
AT&T reports that there was a 62% increase in the number of Distributed Denial of Service attacks, or attacks that disrupted company operations, over the past 2 years. And AT&T has seen a dramatic 458% increase in the number of times hackers searched Internet of Things connections for vulnerabilities. However, not all businesses are taking action:

• Nearly 75% of businesses do not involve their full board of directors in cybersecurity oversight.

• Approximately 51% of organizations are not re-evaluating their information security as a result of high-visibility data breaches.

• Roughly 78% of all employees do not follow the security policies set forth by their employer. 

With the dramatic increase in hacker activity, AT&T believes that sharing its security insights and expertise will help others stay protected. In the first Cybersecurity Insights Report, AT&T has outlined the primary security threats businesses face both inside and outside of their companies:

• Corporate espionage: Spies looking to steal intellectual property.

• Nation States: Groups looking to access information for their own benefit or cause.

• Organized cybercrime: Digital criminals that act using malware and hacking to extract information for financial gain.

• Hacktivists: Groups of hackers that use cyberattacks to promote social change or impact public policy.

• Malicious insiders: Employees or those with internal access that use company information for their own gain. 

Every executive should consider who has access to various types of information, and why their business might be a target. They need to know how security teams should communicate information to their board.