Security firms Tenable Network Security and SurfWatch Labs have published a whitepaper on the results of their annual cybersecurity survey which has been published in the SANS Reading Room: https://www.sans.org/reading-room/whitepapers/analyst/#paper36042

 

From the executive summary:

 

Infiltration or infection of the system:

32% of respondents have had their systems infiltrated or infected.

34% believe that their systems have been breached more than twice in the past 12 months.

15% took more than a month to detect the breach.

44% were unable to identify the source.

 

Number one threat vector:

42% external actors.

19% IT-OT integration.

11% insider threats.