Global businesses not prepared for “terrorism on steroids”
The Russian invasion of Ukraine has not only tragically upended the lives of countless people in a sovereign nation but is also causing geopolitical shockwaves that will reverberate for the foreseeable future, according to a new report which highlights global IT and security professionals' sentiment on cyberwarfare.
Asset visibility and security company Armis’ State of Cyberwarfare and Trends Report: 2022-2023 shares sentiment from more than 6,000 global respondents across multiple industries, including healthcare, critical infrastructure, retail, supply chain and logistics, and more.
Today's targets extend well beyond the higher levels of the opposition governments; any organisation is a potential victim, with critical infrastructure and high-value entities at the top of the list, say the report authors.
"Cyberwarfare is the future of terrorism on steroids, providing a cost-effective and asymmetric method of attack, which requires constant vigilance and expenditure to defend against," says Nadir Izrael, CTO and Co-founder of Armis. "Clandestine cyberwarfare is rapidly becoming a thing of the past. We now see brazen cyberattacks by nation-states, often with the intent to gather intelligence, disrupt operations, or outright destroy data. Based on these trends, all organisations should consider themselves possible targets for cyberwarfare attacks and secure their assets accordingly."
Key global findings from the Armis State of Cyberwarfare and Trends Report: 2022-2023 include:
- One-third (33%) of global organisations are not taking the threat of cyberwarfare seriously, identifying as indifferent or unconcerned about the impact of cyberwarfare on their organisation as a whole, leaving room for security gaps.
- Nearly a quarter of global organisations (24%) feel underprepared to handle cyberwarfare. Even still, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22%).
- Over three in five (64%) IT and security professionals surveyed agree with the statement, 'The war in Ukraine has created a greater threat of cyberwarfare.'
- Over half (54%) of professionals who are the sole decision maker for IT security said they experienced more threat activity on their network between May 2022 and October 2022 compared to the six months prior.
- Over half (55%) of IT professionals surveyed agree with the statement, 'My organisation has stalled or stopped digital transformation projects due to the threat of cyberwarfare.' This percentage is even higher in specific countries, including Australia (79%), the U.S. (67%), Singapore (63%), the UK (57%), and Denmark (56%).
- When asked about their organisation's policy on paying ransoms in the event of a ransomware attack, IT professionals globally were divided in their responses. Twenty-four per cent of respondents indicated their organisation always pays, 31% said their organisation only pays when customer data is at risk, 26% said the organisation never pays, and 19% indicated that it depends.
- Just over three-quarters (76%) of IT professionals surveyed agree that the boards of directors are changing their organisation's culture towards cybersecurity in response to the threat of cyberwarfare.
- Almost four in five (78%) IT professionals surveyed said, when thinking about recent and ongoing sudden global events (such as the pandemic, Ukraine conflict, etc.), it's likely that their company invests more of its budget into cybersecurity, with nearly two in five (37%) who think it's very likely.
Proprietary data from the Armis Asset Intelligence and Security Platform collected from June-November last year confirmed trends haven't slowed, only worsened. Threat activity against the global Armis customer base increased by 15% from September to November when compared to the three months prior.
Armis identified the largest percentage of threat activity against critical infrastructure organisations, with healthcare organisations the second most targeted when compared to various industries.
In addition to the key global findings from the report and complimentary proprietary data from the Armis platform, Armis zoomed in on regional trends with unique country-by-country analysis within breakout reports for the US, UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore).
- Resilience: Firms Fail to Grasp Cyber Financial ImpactCyber Security
- 81% of enterprises searching for new cybersecurity vendorsCyber Security
- Cybercriminals looking for ports in stormy new world of workCyber Security
- Misused monitoring tools turn phones into spies for spousesApplication Security