CrowdStrike survey reveals state-sponsored and ransomware attacks pose threats to business growth post-COVID
More than half of the organisations surveyed have suffered a ransomware attack in the last year and have accelerated their digital transformation efforts.
CrowdStrike, Inc., a leader in cloud-delivered endpoint andworkload protection, today announced the release of the 2020 CrowdStrike Global Security Attitude Survey, produced by independent research firm Vanson Bourne.This year in particular, the report revealed continued proliferation of ransomware, heightened concerns around nation-state actors, and the need for acceleration of both digital and security transformation.
Proliferation of ransomware leads to more frequent payouts,costing millions
Survey data indicates ransomware attacks have proven to be especially effective, as more than half (56%) of organisations surveyed have suffered a ransomware attack in the last year. The COVID-19 pandemic catalysed increasing concerns around ransomware attacks, with many organisations resorting to paying the ransom. The global attitude shifts from a question of if an organisation will experience a ransomware attack to a matter of when an organisation will inevitably pay a ransom.
Notable findings include:
• Concern around ransomware attacks continues to increase, with the stark increase in this year’s findings (54%) compared to 2019 (42%) and 2018 (46%).
• 71% of cybersecurity experts globally are more worried about ransomware attacks due toCOVID-19.
• Among those hit by ransomware, 27% chose to pay the ransom, costing organisations on average US$1.1 million owed to hackers.
• The APAC region is suffering the most when paying the ransom with the highest average payout at US$1.18 million, followed by EMEA at US$1.06 million and the U.S. at US$0.99 million.
Fear of nation-state cyberattacks can stifle business growth in post-COVID-19 world
Nation-state activity continues to weigh heavily on IT decision makers, as 87% of respondents agree that nation-state sponsored cyberattacks are far more common than people think. As growing international tensions and the global election year have created a nesting ground for increased nation-state activity, organisations are under increased pressure to resume operations despite the increased value of intellectual property and vulnerabilities caused by COVID-19.
Key highlights include:
• Even with the massive rise in eCrime over the course of 2020, 73% believe nation-state sponsored cyberattacks will pose the single biggest threat to organisations like theirs in 2021. In fact, concerns around nation-states have steadily increased, as 63% of cybersecurity experts view nation-states as one of the cyber criminals most likely to cause concern, consistently rising from 2018(54%) and 2019 (59%).
• 89% are fearful that growing international tensions (e.g. U.S.-China trade war) are likely to result in a considerable increase in cyber threats for organisations.
• Approximately two in five IT security professionals believe a nation-state cyberattack on their organisation would be motivated by intelligence (44%) or to take advantage of vulnerabilities caused by COVID-19 (47%).
Digital and security transformation accelerated as business priority
In the wake of these threats, cybersecurity experts have accelerated their digital and security transformation efforts to address the growing activity from eCrime and nation-state actors. While spend on digital transformation continues to trend upward, the COVID-19 pandemic accelerated the timeline for many organisations, costing additional investment to rapidly modernise security tools for the remote workforce.
Security transformation rollout findings include:
• 61% of respondents’ organisations have spent more than $1 million on digital transformation over the past three years.
• 90% of respondents’ organisations have spent a minimum of $100,000 to adapt to theCOVID-19 pandemic.
• 66% of respondents have modernised their security tools and/or increased the rollout of cloud technologies as employees have moved to work remotely.
• 78% of respondents have a more positive outlook on their organisation’s overarching security strategy and architecture over the next 12 months.
“This year has been especially challenging for organisations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide,” said Michael Sentonas, chief technology officer, CrowdStrike. “Now more than ever, organisations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations.Cybersecurity teams around the globe are making strides in improving their security posture by moving their security infrastructure to the cloud and remaining diligent in their incident detection, response and remediation practices.”
For additional information, please read the following:
Commissioned by CrowdStrike, the study surveyed 2,200 senior IT decision-makers and IT security professionals in the U.S., U.K., France,Germany, Spain, Italy, Netherlands, Middle East, India, Japan, Singapore and Australia across major industry sectors. The report details the attitudes and beliefs of those in charge of cybersecurity, and tracks how they are faring against sophisticated and pervasive cyberattacks.