Security firms Tenable Network Security and SurfWatch Labs have published a whitepaper on the results of their annual cybersecurity survey which has been published in the SANS Reading Room:


From the executive summary:


Infiltration or infection of the system:

32% of respondents have had their systems infiltrated or infected.

34% believe that their systems have been breached more than twice in the past 12 months.

15% took more than a month to detect the breach.

44% were unable to identify the source.


Number one threat vector:

42% external actors.

19% IT-OT integration.

11% insider threats.