Latest survey results – September 2021

The latest International Cyber Benchmarks Index™, for September 2021, is 49.7, maintaining the upward trend.

Whether organization has experienced a DNS attack in last 12 months and, if so, what impact it had on the business

72% of organizations have experienced at least one DNS attack in the last 12 months and for the impact was significant in 58% of cases.

Type(s) of attack that organizations experiencing DNS attack(s) in last 12 months have been targeted with

The most common types of DNS attack experienced are hijacking followed closely by flood, reflection/amplification or other DDoS attack.

Importance of company website for business continuity/customer fulfilment

The company website is vital to business continuity/customer fulfilment for the majority of organizations.

Level of confidence that organization is prepared to deal with a DNS attack

Whilst the majority of organizations are at least somewhat confident in their preparedness to deal with a DNS attack, only 3 in 10 are very confident.

Cyber threats ranked in order of level of concern

During July-August 2021, DDoS was the greatest concern followed by System Compromise and then Ransomware.

How threat of attack by various vectors has changed

During July-August 2021, Ransomware, DDoS and Targeted hacking were most likely to be perceived as increasing threats to organisations.

How organisations’ ability to respond to threats has changed

During July-August 2021, organisations have focused most on increasing their ability to respond to Targeted hacking, Supply chain compromise - cyber and Vendor or customer impersonation.

How the risk of attack from various actors has changed

During July-August 2021, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.

How threat landscape has changed

During July-August 2021, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.

Whether respondents have ever been on the receiving end of a DDoS

81% of enterprises surveyed in September 2021 indicated that they have been on the receiving end of a DDoS attack at some time, up 2% on the previous reporting period*.

* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.

Whether survey respondents outsource DDoS mitigation

56% of enterprises surveyed in September 2021 outsource their DDoS mitigation, in line with the previous reporting period.

Length of time taken to initiate DDoS mitigation

In September 2021, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.