Latest survey results – March 2020

The latest International Cyber Benchmarks Index™, for March 2020, is 33.1, maintaining the upward trend and a more significant spike than is typical.

Whether prepared for an event like COVID-19 and impact of work from home model

Almost two-thirds (64%) of companies experienced at least moderate disruptions to network security business practices due to the sudden shift to a work from home model. 29% did not have a plan in place to cope with a major event like the COVID-19 pandemic.

Whether prepared for an event like COVID-19 and impact of work from home model

Only 22% of corporate VPNs have handled the shift to work from home with no connectivity issues. In a third of cases, less than 50% of employees have been provided with a company-issued laptop.

Cyber threats ranked in order of level of concern

During January-February 2020, DDoS was the greatest concern followed by System compromise and then Ransomware.

How threat of attack by various vectors has changed

During January-February 2020, Social engineering - email was most likely to be perceived as an increasing threat to organisations, followed by DDoS and Ransomware.

How organisations’ ability to respond to threats has changed

During January-February 2020, organisations have focused most on increasing their ability to respond to Targeted hacking, Vendor or customer impersonation and Ransomware.

How the risk of attack from various actors has changed

During January-February 2020, organisations have perceived the most likely increase in threats to be from Criminals and Unknown actors.

How threat landscape has changed

During January-February 2020, organisations have continued to perceive the threat landscape to be increasing most from the World at large and least from within their own company.

Whether respondents have ever been on the receiving end of a DDoS

65% of enterprises surveyed in March 2020 indicated that they have been on the receiving end of a DDoS attack at some time, a higher proportion than in previous reporting periods*.

* Note that the sample composition changes from wave to wave which explains why the trend for this question can be down as well as up.

Whether survey respondents outsource DDoS mitigation

52% of enterprises surveyed in March 2020 outsource their DDoS mitigation, in line with the previous reporting period.

Length of time taken to initiate DDoS mitigation

In March 2020, enterprises were most likely to take between 60 seconds and 5 minutes to initiate DDoS mitigation, in line with previous reporting periods.