Global businesses not prepared for “terrorism on steroids”

Organisations are not prepared to handle cyberwarfare, responses to ransomware vary wildly, and cybersecurity spending is on the rise, a new report reveals

The Russian invasion of Ukraine has not only tragically upended the lives of countless people in a sovereign nation but is also causing geopolitical shockwaves that will reverberate for the foreseeable future, according to a new report which highlights global IT and security professionals' sentiment on cyberwarfare.

Asset visibility and security company ArmisState of Cyberwarfare and Trends Report: 2022-2023 shares sentiment from more than 6,000 global respondents across multiple industries, including healthcare, critical infrastructure, retail, supply chain and logistics, and more.

Today's targets extend well beyond the higher levels of the opposition governments; any organisation is a potential victim, with critical infrastructure and high-value entities at the top of the list, say the report authors.

"Cyberwarfare is the future of terrorism on steroids, providing a cost-effective and asymmetric method of attack, which requires constant vigilance and expenditure to defend against," says Nadir Izrael, CTO and Co-founder of Armis. "Clandestine cyberwarfare is rapidly becoming a thing of the past. We now see brazen cyberattacks by nation-states, often with the intent to gather intelligence, disrupt operations, or outright destroy data. Based on these trends, all organisations should consider themselves possible targets for cyberwarfare attacks and secure their assets accordingly."

Key global findings from the Armis State of Cyberwarfare and Trends Report: 2022-2023 include:

  • One-third (33%) of global organisations are not taking the threat of cyberwarfare seriously, identifying as indifferent or unconcerned about the impact of cyberwarfare on their organisation as a whole, leaving room for security gaps.

  • Nearly a quarter of global organisations (24%) feel underprepared to handle cyberwarfare. Even still, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22%).

  • Over three in five (64%) IT and security professionals surveyed agree with the statement, 'The war in Ukraine has created a greater threat of cyberwarfare.'

  • Over half (54%) of professionals who are the sole decision maker for IT security said they experienced more threat activity on their network between May 2022 and October 2022 compared to the six months prior.

  • Over half (55%) of IT professionals surveyed agree with the statement, 'My organisation has stalled or stopped digital transformation projects due to the threat of cyberwarfare.' This percentage is even higher in specific countries, including Australia (79%), the U.S. (67%), Singapore (63%), the UK (57%), and Denmark (56%). 

  • When asked about their organisation's policy on paying ransoms in the event of a ransomware attack, IT professionals globally were divided in their responses. Twenty-four per cent of respondents indicated their organisation always pays, 31% said their organisation only pays when customer data is at risk, 26% said the organisation never pays, and 19% indicated that it depends.

  • Just over three-quarters (76%) of IT professionals surveyed agree that the boards of directors are changing their organisation's culture towards cybersecurity in response to the threat of cyberwarfare.
    ​​​​​​​
  • Almost four in five (78%) IT professionals surveyed said, when thinking about recent and ongoing sudden global events (such as the pandemic, Ukraine conflict, etc.), it's likely that their company invests more of its budget into cybersecurity, with nearly two in five (37%) who think it's very likely.

Proprietary data from the Armis Asset Intelligence and Security Platform collected from June-November last year confirmed trends haven't slowed, only worsened. Threat activity against the global Armis customer base increased by 15% from September to November when compared to the three months prior. 

Armis identified the largest percentage of threat activity against critical infrastructure organisations, with healthcare organisations the second most targeted when compared to various industries.

In addition to the key global findings from the report and complimentary proprietary data from the Armis platform, Armis zoomed in on regional trends with unique country-by-country analysis within breakout reports for the US, UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore).

Share

Featured Articles

Arctic Wolf: BEC Now Top Method of Cyber Attack on Business

A new study has revealed that Business Email Compromise attacks are now the primary method used by cybercriminals to target organisations.

BlueVoyant's Tom Moore Talks Legal Procedure Following Hack

BlueVoyant's Tom Moore explains how companies should act with legal council following a cyber attack

GDPR: Studying the World's Strictest Security Law 6 Years On

We take a look at the history, impact, and future of GDPR to see how it has effected the cyber sphere six years after its enactment

Banking Titan Baird Gives 9 Pointers for Cyber Investors

Cyber Security

OpenText's Pillr Buy Show Acquisitions Still in its Strategy

Cyber Security

Zoom Prepares for Quantum World with Post-Quantum Encryption

Cyber Security