Latest survey results - November 2021

The latest International Cyber Benchmarks Index™, for November 2021, is 51.4, maintaining the upward trend.

Extent to which 2022 cyber security budget has increased compared to last year

More than 8 out of 10 organizations have increased their cyber security budget for 2022 with 65% increasing by between 11-50%.

Extent to which board is involved in cyber security planning and whether anticipating cyber skills gap impacting plan for next year

The majority of organizations (93%) have board level involvement in cyber security planning and 50% acknowledge that they will need to bring in new team members to help them execute their strategy.

How planning to address challenge around cyber skills gap impacting security strategy and plan for next year

7 out of 10 organizations plan to address cyber skills gap challenges by increasing their reliance on third-party vendors and over half (56%) will bring in new team members.

Whether organization has insurance against cyberattacks and, if so, whether it has been a worthwhile investment

Half of organizations already have insurance against cyberattacks (40% are planning or considering it for 2022) and this has proven to be a worthwhile investment for almost all of them (94%).

Cyber threats ranked in order of level of concern

During September-October 2021, System Compromise was the greatest concern followed by DDoS and then Ransomware.

How threat of attack by various vectors has changed

During September-October 2021, Ransomware, DDoS and Targeted hacking were most likely to be perceived as increasing threats to organisations.

How organisations' ability to respond to threats has changed

During September-October 2021, organisations have focused most on increasing their ability to respond to Vendor or customer impersonation, Targeted hacking and IP address hacking.

How the risk of attack from various actors has changed

During September-October 2021, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.

How threat landscape has changed

During September-October 2021, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.

Whether respondents have ever been on the receiving end of a DDoS

82% of enterprises surveyed in November 2021 indicated that they have been on the receiving end of a DDoS attack at some time, up 1% on the previous reporting period*.

* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.

Whether survey respondents outsource DDoS mitigation

57% of enterprises surveyed in November 2021 outsource their DDoS mitigation, a 1% increase on the previous reporting period.

Length of time taken to initiate DDoS mitigation

In November 2021, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.