The International Cyber Benchmarks Index is an initiative of the Neustar International Security Council (NISC), an elite group of select cyber security leaders across key industries, that assesses the international cybersecurity landscape from the vantage point of security professionals across the EMEA and U.S. regions. Other key findings from the most recent survey include:
·Greatest Threats: System compromises and ransomware are the greatest threats to organisations – with 20 percent listing both as their primary concern – closely followed by Distributed Denial of Service (DDoS) attacks (19 percent), financial theft (18 percent), and attacks on intellectual property (17 percent).
·Increasing Concern: 47 percent of security professionals see DDoS attacks as increasingly harmful to their organisation this year, compared to 38 percent last year.
·No Sign of Slowing Down: 98 percent of companies surveyed have taken steps to minimise risks from the Meltdown-Spectre attack; nine out of ten respondents believe that these attacks will become the norm.
·Time to Mitigate: In 2017, half of the respondents claimed it would take them between 60 seconds and five minutes to act on an attack, with a quarter claiming it would only take 60 seconds, and the final 25 percent pushing the five-minute mark. Comparing this data to 2018, the clear majority (68 percent) still sit between 60 seconds and five minutes.
These numbers mirror data in Neustar's The Changing Face of Cyber Attacks report, which examined the effects of Memcached attacks and the largest DDoS attack ever recorded at 1.7Tbps. The study demonstrates how the different types of threats propagating today, combined with the sheer volume of attacks, can paint a discouraging picture. Even more alarming, however, is the fact that today’s threats seldom occur in isolation. For example, a DDoS threat in one segment can divert attention from malware in another, while ransomware can be used to hasten data exfiltration. Additional results show:
·IPv6 attacks will rise as companies adopt the new standard. Neustar thwarted what is believed to be the first IPv6 attack –the attack presented a new direction that attackers are likely to pursue as more and more companies adopt IPv6 and run dual IPv4/IPv6 stacks.
·IoT growth is paving the way for botnets, which are constantly evolving. Cyber criminals can rent or purchase these botnets with ease – making these threats one of the biggest issues for enterprises today.
Rodney Joffe, Head of NISC and Neustar Senior Vice President and Fellow, said, “While naturally distressing, these results should come as no surprise to anyone. Yes, security professionals are becoming more concerned about the level of threat to their organisations, because that same level of threat is continuing to rise at an extreme rate.”
“As we have seen over the past year, there are more threats to be aware of, whether in the form of DDoS, malware, application layer attacks or something else entirely, leaving professionals confused about where the next attack is coming from.”
“To successfully prepare for a cyber-attack in today’s landscape is to accept that your organisation will be the next target. If you are online, you are susceptible to an attack. Whether you are most vulnerable or not is entirely up to you.”