Seven out of 10 CISOs see cyber warfare as imminent threat to their organizations
Over 40% of IT professionals are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security, a new study finds
Cybertech
| 23/09/2020
Photo: Bigstock
Seven out of every every ten CISOs believe cyberwarfare is a threat to their organization, and yet just over a fifth admit to not even having a strategy in place to mitigate this risk, according to a new survey of thousands of IT professionals released Tuesday by cybersecurity company Bitdefender.
This is seen as especially alarming during a period of unprecedented global disruption, as half of infosec professionals agree that the increase of cyber warfare will be detrimental to the economy in the next 12 months, the company said.
Bitdefender's "10 in 10 Study" was carried out among more than 6,700 IT workers in a broad cross-section of organizations and industries, ranging from companies with around 100 employees to publicly listed enterprises with over 10,000 employees in a wide variety of fields. The study was conducted in Australia, New Zealand, Denmark, the UK, Sweden, Italy, France, Spain, the US, and Germany. CISOs and CIOs accounted for 23% of respondents, while the other respondents ranged from IT security analysts to directors, Bitdefender said.
CISOs and infosec professionals were found to be shoring up their defenses, with 51% and 48% respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.
The report said as many as 43% of infosec professionals report they are seeing a rise in ransomware attacks, and that 70% of CISOs/CIOs and 63% of infosec professionals expect to see an increase in ransomware attacks in the next year to year and a half. This is notable as almost half of CISOs/CIOs (49%) and just over two fifths of infosec professionals (42%) are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security, according to the findings.
In addition, 51% of infosec professionals, and 55% of CISOs and CIOs, agree that in order to increase investment in cybersecurity, the way that they communicate about security has to change dramatically. Two fifths of infosec professionals (41%) believe that more communication with the wider public and customers is needed so everyone has a better understanding of the risks.
"The reason that 63% of Infosec professionals believe that cyberwarfare is a threat to their organization is easy. Dependency on technology is at an all-time high and if someone was to take out the WiFi in a home or office, no one would be able to do anything. This dependency wasn't there a few years back, it wasn't even as high a few months back. This high-dependency on technology, doesn't just open the door for ransomware or IoT threats on an individual level, but also to cyberwarfare which can be so catastrophic it can ruin economies," said Neeraj Suri, Distinguished Professorship and Chair in Cybersecurity at Lancaster University.
The study also found a need to make a change within the makeup of the workforce. Fifteen percent of infosec professionals believe that the biggest development in cybersecurity over the next 12-18 months will be the increasing skills gap. If the skills deficit continues for another five years, 28% of CISOs and CIOs say they believe that it will destroy businesses. And another half of infosec professionals believe that the skills gap will be seriously disruptive if it continues for the next 5 years.
In addition, the study explores the gap between how security decision makers and infosec professionals view the current security landscape and reveals the changes they know they will need to make in the upcoming months and years of the 2020s. Cybersecurity success in the next 10 years, Bitdefender said, is seen as depending on the adaptability of security decisionmakers.
Liviu Arsene, Global Cybersecurity Researcher at Bitdefender said, "2020 has been a year of change — not only for the world at large — but for the security industry. The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare. It's of great concern to businesses and the economy — and yet not everyone is prepared for it. Security landscape will continue to evolve."
"To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way — we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors."
Over 40% of IT professionals are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security, a new study finds
Photo: Bigstock
Seven out of every every ten CISOs believe cyberwarfare is a threat to their organization, and yet just over a fifth admit to not even having a strategy in place to mitigate this risk, according to a new survey of thousands of IT professionals released Tuesday by cybersecurity company Bitdefender.
This is seen as especially alarming during a period of unprecedented global disruption, as half of infosec professionals agree that the increase of cyber warfare will be detrimental to the economy in the next 12 months, the company said.
Bitdefender's "10 in 10 Study" was carried out among more than 6,700 IT workers in a broad cross-section of organizations and industries, ranging from companies with around 100 employees to publicly listed enterprises with over 10,000 employees in a wide variety of fields. The study was conducted in Australia, New Zealand, Denmark, the UK, Sweden, Italy, France, Spain, the US, and Germany. CISOs and CIOs accounted for 23% of respondents, while the other respondents ranged from IT security analysts to directors, Bitdefender said.
CISOs and infosec professionals were found to be shoring up their defenses, with 51% and 48% respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.
The report said as many as 43% of infosec professionals report they are seeing a rise in ransomware attacks, and that 70% of CISOs/CIOs and 63% of infosec professionals expect to see an increase in ransomware attacks in the next year to year and a half. This is notable as almost half of CISOs/CIOs (49%) and just over two fifths of infosec professionals (42%) are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security, according to the findings.
In addition, 51% of infosec professionals, and 55% of CISOs and CIOs, agree that in order to increase investment in cybersecurity, the way that they communicate about security has to change dramatically. Two fifths of infosec professionals (41%) believe that more communication with the wider public and customers is needed so everyone has a better understanding of the risks.
"The reason that 63% of Infosec professionals believe that cyberwarfare is a threat to their organization is easy. Dependency on technology is at an all-time high and if someone was to take out the WiFi in a home or office, no one would be able to do anything. This dependency wasn't there a few years back, it wasn't even as high a few months back. This high-dependency on technology, doesn't just open the door for ransomware or IoT threats on an individual level, but also to cyberwarfare which can be so catastrophic it can ruin economies," said Neeraj Suri, Distinguished Professorship and Chair in Cybersecurity at Lancaster University.
The study also found a need to make a change within the makeup of the workforce. Fifteen percent of infosec professionals believe that the biggest development in cybersecurity over the next 12-18 months will be the increasing skills gap. If the skills deficit continues for another five years, 28% of CISOs and CIOs say they believe that it will destroy businesses. And another half of infosec professionals believe that the skills gap will be seriously disruptive if it continues for the next 5 years.
In addition, the study explores the gap between how security decision makers and infosec professionals view the current security landscape and reveals the changes they know they will need to make in the upcoming months and years of the 2020s. Cybersecurity success in the next 10 years, Bitdefender said, is seen as depending on the adaptability of security decisionmakers.
Liviu Arsene, Global Cybersecurity Researcher at Bitdefender said, "2020 has been a year of change — not only for the world at large — but for the security industry. The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare. It's of great concern to businesses and the economy — and yet not everyone is prepared for it. Security landscape will continue to evolve."
"To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way — we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors."
