Most organisations, he said, discover cyberattacks through external entities like a law enforcement agency or a security vendor despite significant investment in internal security controls and tools