Story image

60% of enterprises confirm global attacks have affected cyber protection choices

21 Jul 17

The results from a recent survey of 290 security executives from across 11 EMEA countries have been released.

Sixty percent of respondents confirmed that recent global attacks (such as WannaCry) have had a direct effect on the way they protect their enterprises.

These findings are part of a broader survey conducted by the Neustar International Security Council (NICS), based on the personal opinions from hundreds of security professionals, including business managers, senior directors, CTOs and other professionals with a security remit and extensive cybersecurity industry experience.

"The majority of respondents indicating that recent global attacks have directly affected their protection choices shows that while awareness exists, it is clear that there's a disconnect between the concern of attacks and companies actually taking action,” says Rodney Joffe, head of NISC and Neustar senior vice president and fellow.

“This Index will provide tangible insights into how threats are perceived at any given time, which will aid IT decision-makers in justifying vital cybersecurity spending to the board of directors.”

Among other findings, respondents ranked ransomware as the most concerning with 28 percent of respondents selecting this threat followed by system compromise with 21 percent.

The positioning of ransomware as the top chief information security officer (CISO) concern is certainly understandable given the depth and breadth of the WannaCry attack which crippled global systems – it also gives a clear indication of current threat landscape awareness.

44 percent of respondents have focused on increasing their ability to respond to both ransomware and DDoS, confirming that current priorities for CISOs are avoiding both ransom requests and website disruption.

Almost half of respondents believe criminals are increasingly behind threats, while 38 percent agree that that threats from unknowns are on the rise. Meanwhile, 58 percent currently believe threats are increasing most from the world at large while 38 percent say they’re increasing from within a CISO’s own company.

Joffe says understandably, security professionals have their finger on the pulse of the landscape, with the survey responses demonstrating their clear knowledge of attacks and attackers.

“Tracking who respondents think attackers are and where attacks come from will be interesting, as we will be able to see how global events and news headlines might, or might not, influence the answers,” says Joffe.

“If news stories about election rigging lead to a rise in nation/state actors being considered a threat, then this will show up in the Cyber Benchmarks Index and provide a valuable regular touchpoint to take the industry temperature on cybersecurity. The results from this first survey taken in May 2017 have produced an initial index of 6.5, which is slightly elevated."

Joffe says over the coming survey periods, they will track the rise and fall of concerns which will obviously be affected by both external events, and concerns internal to respondents’ organisations.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.