According to a report prepared by Fastly Researchlas Public sector organizations took 6.7 months to recover from cybersecurity breaches in 2024, 27% more than expected and more than a month above the expected deadline for this, set at 5.3 months.
The report, the latest edition of Fastly’s Global Security Research Report, also indicates that these types of organizations suffered an average of 42 attacks in the last year. To prepare it, a survey was carried out among 1,800 decision makers related to IT and with influence on cybersecurity. They all belong to large organizations from various sectors in the American continent, Europe, Asia-Pacific and Japan
The report also reflects that public sector organizations were also the most likely to have periods of downtime or service outages as a result of an attack. 47% of them suffered it, a percentage that is 9% higher than the average for all sectors.
As attacks become more frequent, and organizations take longer to recover from them, 79% of organizations plan to increase their spending on security tools next year, although the public sector invests the least in cybersecurity .
But despite this improvement in investment in this type of tools, 48% of cybersecurity managers surveyed for the report point out that the increasingly sophisticated threat landscape continues to create barriers to their ability to be prepared. to face future attacks.
The outages of IT systems around the world have also served as a wake-up call for security professionals, who are now more carefully analyzing their supplier options, as well as the value of cybersecurity investments. In this last year, 37% of public sector organizations expressed concern about the reliability and quality of the software in their security stack.
Additionally, 19% considered changing vendors, and 70% of organizations have changed their testing and update deployment strategy in response to various reliability-related incidents.
When it comes to software security, organizations are reassessing how security is integrated into their operations. Increasingly, stakeholders outside of traditional security teams, including platform engineering teams, have as much of a say in the application security solutions being adopted.
19% of respondents said their organization’s priority was adopting a platform engineering approach to software security. This is also reflected in a shift in responsibility, with platform engineering teams believing they are responsible for 8% of security incidents. CISOs believe they are responsible for 7%, and CIOs for another 8%.
According to Marshall Erwin, CISO de Fastly«the Total recovery of the gaps is not being faster. Lost revenue, reputation, and time permanently damage business-to-business relationships and take resources away from other areas of the organization. “As attacks continue unabated and there is always the potential for new high-impact errors, it is crucial that any changes companies make to their cybersecurity strategies fit into a comprehensive plan and are not a knee-jerk reaction.”
Erwin has also noted that «he Cybersecurity spending is in the spotlight as businesses continue to feel unprepared to deal with an ever-evolving threat landscape. We are seeing a shift towards shared responsibility for security across organizations, with greater attention to incorporating security measures into all projects. “Companies that embrace security and establish strong partnerships with security organizations early in the product development process are better positioned to address emerging threats and recover more quickly from attacks.”
