Story image

60% of enterprises confirm global attacks have affected cyber protection choices

21 Jul 2017

The results from a recent survey of 290 security executives from across 11 EMEA countries have been released.

Sixty percent of respondents confirmed that recent global attacks (such as WannaCry) have had a direct effect on the way they protect their enterprises.

These findings are part of a broader survey conducted by the Neustar International Security Council (NICS), based on the personal opinions from hundreds of security professionals, including business managers, senior directors, CTOs and other professionals with a security remit and extensive cybersecurity industry experience.

"The majority of respondents indicating that recent global attacks have directly affected their protection choices shows that while awareness exists, it is clear that there's a disconnect between the concern of attacks and companies actually taking action,” says Rodney Joffe, head of NISC and Neustar senior vice president and fellow.

“This Index will provide tangible insights into how threats are perceived at any given time, which will aid IT decision-makers in justifying vital cybersecurity spending to the board of directors.”

Among other findings, respondents ranked ransomware as the most concerning with 28 percent of respondents selecting this threat followed by system compromise with 21 percent.

The positioning of ransomware as the top chief information security officer (CISO) concern is certainly understandable given the depth and breadth of the WannaCry attack which crippled global systems – it also gives a clear indication of current threat landscape awareness.

44 percent of respondents have focused on increasing their ability to respond to both ransomware and DDoS, confirming that current priorities for CISOs are avoiding both ransom requests and website disruption.

Almost half of respondents believe criminals are increasingly behind threats, while 38 percent agree that that threats from unknowns are on the rise. Meanwhile, 58 percent currently believe threats are increasing most from the world at large while 38 percent say they’re increasing from within a CISO’s own company.

Joffe says understandably, security professionals have their finger on the pulse of the landscape, with the survey responses demonstrating their clear knowledge of attacks and attackers.

“Tracking who respondents think attackers are and where attacks come from will be interesting, as we will be able to see how global events and news headlines might, or might not, influence the answers,” says Joffe.

“If news stories about election rigging lead to a rise in nation/state actors being considered a threat, then this will show up in the Cyber Benchmarks Index and provide a valuable regular touchpoint to take the industry temperature on cybersecurity. The results from this first survey taken in May 2017 have produced an initial index of 6.5, which is slightly elevated."

Joffe says over the coming survey periods, they will track the rise and fall of concerns which will obviously be affected by both external events, and concerns internal to respondents’ organisations.

Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
ExtraHop’s new partner program for enterprise security
New accreditations and partner portal enable channel partners to fast-track their expertise and build their security businesses.