The latest International Cyber Benchmarks Index™, for September 2019, is 26.9, maintaining the upward trend.
Impact of cyber attacks
Most participants continued to agree that a Web Application Firewall (WAF) is an essential component of their security infrastructure.
Experience of and concern about attacks against IoT devices or equipment
Almost half (48%) of organizations have experienced attacks against IoT/connected devices or equipment in the last year and there is high concern about further attacks.
Planning and confidence in personnel dealing with ransomware attack against IoT devices or equipment
Less than half (47%) of organizations have a plan in place to deal with a ransomware attack on their IoT devices/equipment which explains why only a quarter (27%) are very confident in their personnel.
Cyber threats ranked in order of level of concern
During July-August 2019, System compromise was the greatest concern followed by DDoS and then Ransomware.
How threat of attack by various vectors has changed
During July-August 2019, Social engineering – email was most likely to be perceived as an increasing threat to organisations, followed by DDoS and Ransomware.
How organisations’ ability to respond to threats has changed
During July-August 2019, organisations have focused most on increasing their ability to respond to Ransomware, Targeted hacking and DDoS .
How the risk of attack from various actors has changed
During July-August 2019, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.
How threat landscape has changed
During July-August 2019, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.
Whether respondents have ever been on the receiving end of a DDoS
59% of enterprises surveyed in September 2019 indicated that they have been on the receiving end of a DDoS attack at some time, a higher proportion than in previous reporting periods*.
* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.
Whether survey respondents outsource DDoS mitigation
50% of enterprises surveyed in September 2019 outsource their DDoS mitigation, in line with the previous reporting period.
Length of time taken to initiate DDoS mitigation
In September 2019, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.