Cyberwarfare could be an imminent threat to organizations
Cyberwarfare is a threat to their organization according to 71 percent of CISO, yet just over a fifth (22 percent) admit to not having a strategy in place to deal with this risk.
However, Bitdefender's latest global study shows that the threat is being taken seriously, with 51 percent and 48 percent respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.
The study of over 6,000 infosec professionals shows that old threats are still an issue too. During 2020, ransomware has surged with 43 percent reporting that they are seeing a rise in attacks. What’s more concerning is that 70 percent of CISOs/CIOs and 63 percent of infosec professionals also expect to see an increase in ransomware attacks in the next 12-18 months. This is of particular interest as almost half of CISOs/CIOs (49 percent) and just over two fifths of infosec professionals (42 percent) are worried that a ransomware attack could wipe out their business in the next 12-18 months if they don’t increase investment in security.
Worryingly, 59 percent of CISOs/CIOs and 50 percent of other infosec professionals believe that the business they work for would pay the ransom in order to prevent its information from being published -- making ransomware a potential cash cow.
In order to increase investment in cybersecurity, 51 percent of infosec staff believe the way that they communicate about security has to change dramatically. This number jumps up to 55 percent amongst CISOs and CIOs -- many of whom have a seat at the most senior decision making table in their organizations.
Liviu Arsene, global cybersecurity researcher at Bitdefender says:
2020 has been a year of change -- not only for the world at large -- but for the security industry. The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare. It's of great concern to businesses and the economy -- and yet not everyone is prepared for it. At the same time, infosec professionals have had to keep up with new threats from an old source, ransomware, that can affect companies' bottom lines if not handled carefully.
The one thing we know is that the security landscape will continue to evolve. Changes will happen, but we can now make sure they happen for better and not for worse. To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way -- we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors.
You can get the full report from the Bitdefender site.