Respondents indicate organizations are unprepared to handle cyberwarfare, there’s no one-size-fits-all response to ransomware, and cybersecurity spending is on the rise
Armis, the leading asset visibility and security company, announced the Armis State of Cyberwarfare and Trends Report: 2022-2023, which highlights global IT and security professionals’ sentiment on cyberwarfare. The study shares sentiment from more than 6,000 global respondents across multiple industries, including healthcare, critical infrastructure, retail, supply chain and logistics, and more.
The Russian invasion of Ukraine has not only tragically upended the lives of countless people in a sovereign nation, but it is also causing geopolitical shockwaves of cyberwarfare that will reverberate for the foreseeable future. Today’s targets extend well beyond the higher levels of the opposition governments; any organization is a potential victim, with critical infrastructure and high-value entities at the top of the list.
“Cyberwarfare is the future of terrorism on steroids, providing a cost-effective and asymmetric method of attack, which requires constant vigilance and expenditure to defend against,” said Nadir Izrael, CTO and Co-founder of Armis. “Clandestine cyberwarfare is rapidly becoming a thing of the past. We now see brazen cyberattacks by nation-states, often with the intent to gather intelligence, disrupt operations, or outright destroy data. Based on these trends, all organizations should consider themselves possible targets for cyberwarfare attacks and secure their assets accordingly.”
Key global findings from the Armis State of Cyberwarfare and Trends Report: 2022-2023 include:
• One-third (33%) of global organizations are not taking the threat of cyberwarfare seriously, identifying as indifferent or unconcerned about the impact of cyberwarfare on their organization as a whole, leaving room for security gaps.
• Nearly a quarter of global organizations (24%) feel underprepared to handle cyberwarfare. Even still, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22%).
• Over 3 in 5 (64%) IT and security professionals surveyed agree with the statement, ‘The war in Ukraine has created a greater threat of cyberwarfare.’
• Over half (54%) of professionals who are the sole decision maker for IT security said they experienced more threat activity on their network between May 2022 and October 2022 when compared to the six months prior.
• Over half (55%) of IT professionals surveyed agree with the statement, ‘My organization has stalled or stopped digital transformation projects due to the threat of cyberwarfare.’ This percentage is even higher in specific countries, including Australia (79%), the U.S. (67%), Singapore (63%), the UK (57%), and Denmark (56%).
• When asked about their organization’s policy on paying ransoms in the event of a ransomware attack, IT professionals globally were divided in their responses. Twenty-four percent of respondents indicated their organization always pays, 31% said their organization only pays when customer data is at risk, 26% said the organization never pays, and 19% indicated that it depends.
• Just over three-quarters (76%) of IT professionals surveyed agree that the boards of directors are changing their organization’s culture towards cybersecurity in response to the threat of cyberwarfare.
• Almost 4 in 5 (78%) IT professionals surveyed said, when thinking about recent and ongoing sudden global events (such as the pandemic, Ukraine conflict, etc.), it’s likely that their company invests more of its budget into cybersecurity, with nearly 2 in 5 (37%) who think it’s very likely.
Proprietary data from the Armis Asset Intelligence and Security Platform collected from June 1, 2022 through November 30, 2022 confirmed the aforementioned trends haven’t slowed, only worsened. Threat activity against the global Armis customer base increased by 15% from September to November when compared to the three months prior. Further, Armis identified the largest percentage of threat activity against critical infrastructure organizations, with healthcare organizations the second most targeted when compared to various industries.
In addition to the key global findings from the report and complimentary proprietary data from the Armis platform, Armis zoomed in on regional trends with unique country-by-country analysis within breakout reports for the U.S., UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore).
Armis surveyed 6,021 IT and security professionals in firms with more than one hundred employees across the U.S., UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore). Those findings were gathered between September 22, 2022 and October 5, 2022 and depict the state of cyberwarfare globally across various regions and industries.
Above, Yevgeny Dibrov, co-founder and CEO, Armis / Image credited to Armis