BUCHAREST, Romania, Sept. 22, 2020 /PRNewswire/ -- Seven in every ten CISOs (71%) believe cyberwarfare is a threat to their organization, and yet just over a fifth (22%) admit to not having a strategy in place to mitigate this risk. This is especially alarming during a period of unprecedented global disruption, as half of infosec professionals (50%) agree that the increase of cyber warfare will be detrimental to the economy in the next 12 months.
CISOs and Infosec professionals however are shoring up their defenses — with 51% and 48% respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months. These findings, and more, are revealed today in Bitdefender's global 10 in 10 Study — which highlights how, in the next 10 years, cybersecurity success lies in the adaptability of security decision makers, while simultaneously looking back into the last decade to see if valuable lessons have already been learnt about the need to make tangible changes in areas such as diversity. It explores, in detail, the gap between how security decision makers and infosec professionals view the current security landscape and reveals the changes they know they will need to make in the upcoming months and years of the 2020s. The study takes into account the views and opinions of more than 6,724 infosec professionals representing a broad cross-section of organizations from small 101+ employee businesses to publicly listed 10,000+ person enterprises in a wide variety of industries, including technology, finance, healthcare and government.
The rise and fall (and rise again) of ransomware
Outside of the rise of cyberwarfare threats, an old threat is rearing its head — ransomware. During the disruption of 2020, ransomware has surged with as much as 43% of infosec professionals reporting that they are seeing a rise in ransomware attacks. What's more concerning is that 70% of CISOs/CIOs and 63% of infosec professionals expect to see an increase in ransomware attacks in the next 12-18 months. This is of particular interest as almost half of CISOs/CIOs (49%) and just over two fifths of infosec professionals (42%) are worried that a ransomware attack could wipe out the business in the next 12-18 months if they don't increase investment in security.
A stepchange in communication is in high demand
Cyberwarfare and ransomware are complex topics to unpack, amongst many others in infosec. The inherent complexity of infosec topics does however make it hard to gain internal investment and support for projects. This is why infosec professionals believe a change is needed. In fact, 51% of infosec professionals agree that in order to increase investment in cybersecurity, the way that they communicate about security has to change dramatically. This number jumps up to 55% amongst CISOs and CIOs — many of whom have a seat at the most senior decision making table in their organizations.
The question is, what changes need to be made? Two fifths of infosec professionals (41%) believe that in the future more communication with the wider public and customers is needed so everyone, both in and organization and outside, better understands the risks.
"The reason that 63% of Infosec professionals believe that cyberwarfare is a threat to their organization is easy. Dependency on technology is at an all-time high and if someone was to take out the WiFi in a home or office, no one would be able to do anything. This dependency wasn't there a few years back, it wasn't even as high a few months back. This high-dependency on technology, doesn't just open the door for ransomware or IoT threats on an individual level, but also to cyberwarfare which can be so catastrophic it can ruin economies," comments, Neeraj Suri, Distinguished Professorship and Chair in Cybersecurity at Lancaster University
Diversity, and specifically neurodiversity, is key to future success
Outside of the drastic changes that are needed in the way cybersecurity professionals communicate, there's also a need to make a change within the very makeup of the workforce. The infosec industry as a whole has long suffered from a skills shortage, and this looks to remain an ongoing and increasingly obvious issue. 15% of infosec professionals believe that the biggest development in cybersecurity over the next 12-18 months will be the skills gap increasing. If the skills deficit continues for another five years, 28% of CISOs and CIOs say they believe that it will destroy businesses. And another half (50%) of infosec professionals believe that the skills gap will be seriously disruptive if it continues for the next 5 years.
Liviu Arsene, Global Cybersecurity Researcher at Bitdefender concludes, "2020 has been a year of change — not only for the world at large — but for the security industry. The security landscape is rapidly evolving as it tries to adapt to the new normal, from distributed workforces to new threats. Amongst the new threats is cyberwarfare. It's of great concern to businesses and the economy — and yet not everyone is prepared for it. Security landscape will continue to evolve. To succeed in the new security landscape the way we as an industry talk about security has to become more accessible to a wider audience to gain support and investment from within the business. In addition, we have to start thinking about plugging the skills gap in a different way — we have to focus on diversity, and specifically neurodiversity, if we are to stand our ground and ultimately defeat bad actors."
About the research
The Bitdefender 10 in 10 Study was conducted among 6,724 IT workers in May 2020 across the UK, US, Australia, New Zealand, Germany, France, Italy, Spain, Denmark, and Sweden. Representing a broad cross-section of organizations and industries, from companies with 100 or more employees, through to publicly listed 10,000+ person enterprises. 23% of the audience were made up of CISOs and CIOs, while other respondents ranged from IT security analysts to directors — all of whom have control over budget and decision making as it relates to cybersecurity within their organizations.
Bitdefender is a global cybersecurity leader protecting over 500 million systems in more than 150 countries. Since 2001, Bitdefender innovation has consistently delivered award-winning security products and threat intelligence for the smart connected home, mobile users, modern businesses and their networks, devices, data centers and Cloud infrastructure. Today, Bitdefender is also the provider of choice, embedded in over 38% of the world's security solutions. Recognized by industry, respected by vendors and evangelized by customers, Bitdefender is the cybersecurity company you can trust and rely on.