Story image

60% of enterprises confirm global attacks have affected cyber protection choices

21 Jul 17

The results from a recent survey of 290 security executives from across 11 EMEA countries have been released.

Sixty percent of respondents confirmed that recent global attacks (such as WannaCry) have had a direct effect on the way they protect their enterprises.

These findings are part of a broader survey conducted by the Neustar International Security Council (NICS), based on the personal opinions from hundreds of security professionals, including business managers, senior directors, CTOs and other professionals with a security remit and extensive cybersecurity industry experience.

"The majority of respondents indicating that recent global attacks have directly affected their protection choices shows that while awareness exists, it is clear that there's a disconnect between the concern of attacks and companies actually taking action,” says Rodney Joffe, head of NISC and Neustar senior vice president and fellow.

“This Index will provide tangible insights into how threats are perceived at any given time, which will aid IT decision-makers in justifying vital cybersecurity spending to the board of directors.”

Among other findings, respondents ranked ransomware as the most concerning with 28 percent of respondents selecting this threat followed by system compromise with 21 percent.

The positioning of ransomware as the top chief information security officer (CISO) concern is certainly understandable given the depth and breadth of the WannaCry attack which crippled global systems – it also gives a clear indication of current threat landscape awareness.

44 percent of respondents have focused on increasing their ability to respond to both ransomware and DDoS, confirming that current priorities for CISOs are avoiding both ransom requests and website disruption.

Almost half of respondents believe criminals are increasingly behind threats, while 38 percent agree that that threats from unknowns are on the rise. Meanwhile, 58 percent currently believe threats are increasing most from the world at large while 38 percent say they’re increasing from within a CISO’s own company.

Joffe says understandably, security professionals have their finger on the pulse of the landscape, with the survey responses demonstrating their clear knowledge of attacks and attackers.

“Tracking who respondents think attackers are and where attacks come from will be interesting, as we will be able to see how global events and news headlines might, or might not, influence the answers,” says Joffe.

“If news stories about election rigging lead to a rise in nation/state actors being considered a threat, then this will show up in the Cyber Benchmarks Index and provide a valuable regular touchpoint to take the industry temperature on cybersecurity. The results from this first survey taken in May 2017 have produced an initial index of 6.5, which is slightly elevated."

Joffe says over the coming survey periods, they will track the rise and fall of concerns which will obviously be affected by both external events, and concerns internal to respondents’ organisations.

A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.