The latest International Cyber Benchmarks Index™, for August 2018, is 16.9, maintaining the upward trend.
Impact of cyber attacks
The vast majority of participants agreed that a Web Application Firewall (WAF) is an essential component of their security infrastructure. This increases the survey average by three points.
GDPR: Ease of compliance with ‘security principle’ and number of people days involved
1 in 5 organizations experienced some difficulty complying with GDPR’s security principle and compliance took an average of 30 people days.
GDPR: Ranking of GDPR aims in terms of ease of compliance
Minimizing the impact of personal data breach proved the most difficult GDPR aim to achieve.
Cyber threats ranked in order of level of concern
During June-July 2018, DDoS was the greatest concern followed closely by System compromise and then Ransomware.
How threat of attack by various vectors has changed
During June-July 2018, DDoS was most likely to be perceived as an increasing threat to organisations, followed by Social engineering – email and Generalized phishing.
How organisations’ ability to respond to threats has changed
During June-July 2018, organisations have focused most on increasing their ability to respond to DDoS, Ransomware and Targeted hacking.
How the risk of attack from various actors has changed
During June-July 2018, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.
How threat landscape has changed
During June-July 2018, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.
Whether respondents have ever been on the receiving end of a DDoS
45% of enterprises surveyed in August 2018 have *ever been on the receiving end of a DDoS, a higher proportion than in previous reporting periods.
* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.
Whether survey respondents outsource DDoS mitigation
49% of enterprises surveyed in August 2018 outsource their DDoS mitigation, slightly up on the previous reporting period, and increasing the average to 43%.
Length of time taken to initiate DDoS mitigation
In August 2018, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.