71% of CISOs Believe Cyber-warfare is a Threat to Their Organization
In addition, the report found that 50% of infosecurity professionals believe cyber-warfare will be detrimental to the overall economy during the next 12 months.
Despite this, over a fifth (22%) of CISOs admitted that they do not currently have a strategy in place to defend against this threat. More encouragingly, 51% of CISOs and 48% of infosec professionals acknowledged that they need a strategy to protect against cyber-warfare during the next 12-18 months.
The survey of 6,724 infosecurity professionals also showed that ransomware has risen substantially amid the COVID-19 pandemic in 2020, with 43% reporting seeing an increase in this type of attack. Close to three-quarters (70%) of CISOs/CIOs and 63% of infosec professionals said they expect to see ransomware attacks grow further in the next 12-18 months, while 59% of CISOs/CIOs and 50% of infosec professionals expressed fears that a ransomware attack could potentially wipe out their business in the next 12-18 months if there is no increased investment in security.
In order to gain internal investment to improve defences against these cyber-warfare and ransomware threats, there was agreement amongst 51% of infosec professionals that the way they communicate about security has to change dramatically. In regard to the type of changes needed, 41% of infosec professionals believe more communication with the wider public are required, both within and organization and outside. Additionally, 38% feel there should be better communication with C-suite executives, particularly in helping them appreciate the wider business risks posed by these cyber-attacks.
Liviu Arsene, global cybersecurity researcher at Bitdefender commented: “2020 has been a year of change — not only for the world at large — but for the security industry. The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare. It’s of great concern to businesses and the economy — and yet not everyone is prepared for it. At the same time, infosec professionals have had to keep up with new threats from an old source, ransomware, that can affect companies' bottom lines if not handled carefully.
“The one thing we know is that the security landscape will continue to evolve. Changes will happen, but we can now make sure they happen for better and not for worse. To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way — we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors.”