Latest survey results – September 2020

The latest International Cyber Benchmarks Index™, for September 2020, is 39.3, maintaining the upward trend.

Organization’s relationship with security threat data

Two-fifths of organizations indicate that the threat data they receive is not timely and actionable and so does not fully enable them to make key security decisions.

Accuracy, relevance and freshness of threat data received

Only 29% of organizations are ‘extremely’ happy with the accuracy and relevance of threat data received and almost half (48%) receive only periodic or sporadic updates.

Whether a victim of domain spoofing and/or hacking in the last 12 months

Approximately 1 in 3 organizations have been the victim of a successful domain spoofing (37%) or hacking (31%) attempt within the last 12 months.

Cyber threats ranked in order of level of concern

During July-August 2020, System compromise and DDoS were the greatest concerns followed by Ransomware.

How threat of attack by various vectors has changed

During July-August 2020, Targeted hacking was most likely to be perceived as an increasing threat to organisations, followed by Ransomware and DDoS.

How organisations’ ability to respond to threats has changed

During July-August 2020, organisations have focused most on increasing their ability to respond to Vendor or customer impersonation, Targeted hacking and DDoS.

How the risk of attack from various actors has changed

During July-August 2020, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.

How threat landscape has changed

During July-August 2020, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company and industry.

Whether respondents have ever been on the receiving end of a DDoS

72% of enterprises surveyed in September 2020 indicated that they have been on the receiving end of a DDoS attack at some time, up 2% on the previous reporting period*.

* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.

Whether survey respondents outsource DDoS mitigation

53% of enterprises surveyed in September 2020 outsource their DDoS mitigation, in line with the previous reporting period.

Length of time taken to initiate DDoS mitigation

In September 2020, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.